ModSecurity

: Hosting Definitions; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Bandwidth; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Get Started

ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its performance and if it identifies an intrusion attempt, it prevents it. The firewall also keeps a more thorough log for the site visitors than any web server does, so you shall manage to keep track of what's happening with your websites a lot better than if you rely merely on standard logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it recognizes if someone is attempting to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a specific command. In these circumstances these attempts trigger the corresponding rules and the firewall software hinders the attempts in real time, and then records in-depth information about them inside its logs. ModSecurity is one of the most effective software firewalls out there and it can protect your web apps against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Hosting

We offer ModSecurity with all hosting solutions, so your Internet apps will be protected against destructive attacks. The firewall is activated as standard for all domains and subdomains, but if you'd like, you shall be able to stop it using the respective section of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you shall find in Hepsia are quite detailed and feature information about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, and so on. We employ a range of commercial rules that are often updated, but sometimes our admins add custom rules as well so as to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer include ModSecurity and given that the firewall is switched on by default, any website you build under a domain or a subdomain will be secured right away. An individual section within the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to start and stop the firewall for any website or enable a detection mode. With the last mentioned, ModSecurity shall not take any action, but it will still recognize possible attacks and will keep all data inside a log as if it were 100% active. The logs could be found inside the very same section of the Control Panel and they include info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules which we use on our web servers are a mix between commercial ones from a security firm and custom ones developed by our system admins. For that reason, we offer higher security for your web programs as we can defend them from attacks even before security businesses release updates for completely new threats.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting CP, so your web applications will be secured from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the VPS, but if necessary, you can deactivate it with a click of your mouse via the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found within the exact same section and offer details about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For maximum security, we use not just commercial rules from a business working in the field of web security, but also custom ones which our admins include personally so as to react to new threats that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers Hosting

If you choose to host your websites on a dedicated server with the Hepsia CP, your web programs shall be protected straight away since ModSecurity is supplied with all Hepsia-based packages. You'll be able to control the firewall without difficulty and if necessary, you will be able to turn it off or enable its passive mode when it shall only keep a log of what's going on without taking any action to stop potential attacks. The logs which you will find inside the very same section of the Control Panel are extremely detailed and include information about the attacker IP, what website and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so forth. This data shall enable you to take measures and enhance the security of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our admins add whenever they detect attacks that haven't yet been included in the commercial pack.