ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Join us

ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its overall performance and when it detects an intrusion attempt, it prevents it. The firewall furthermore keeps a more comprehensive log for the website visitors than any web server does, so you'll manage to keep an eye on what is going on with your websites much better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it detects whether anyone is attempting to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a specific command. In such situations these attempts set off the corresponding rules and the firewall program blocks the attempts instantly, then records in-depth information about them inside its logs. ModSecurity is among the very best software firewalls on the market and it can easily protect your web apps against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting solutions, so your Internet apps shall be shielded from harmful attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it using the respective part of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you'll find within Hepsia are extremely detailed and feature information about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, etcetera. We employ a set of commercial rules which are often updated, but sometimes our administrators include custom rules as well in order to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

We've included ModSecurity by default in all semi-dedicated hosting packages, so your web applications will be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts shall permit you to switch on or turn off the firewall for any site with a click. You'll also have the ability to turn on a passive detection mode in which ModSecurity shall keep a log of possible attacks without really stopping them. The detailed logs include the nature of the attack and what ModSecurity response this attack generated, where it originated from, and so on. The list of rules which we use is constantly updated as to match any new threats that might appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones which our admins include if they find a threat which is not present inside the commercial list yet.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting Control Panel, so your web programs shall be secured from the second your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you could deactivate it with a mouse click via the corresponding section of Hepsia. You can also set it to function in detection mode, so it shall keep a comprehensive log of any possible attacks without taking any action to stop them. The logs can be found in the same section and include information about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For best security, we use not just commercial rules from a business working in the field of web security, but also custom ones that our administrators include personally so as to react to new risks that are still not tackled in the commercial rules.

ModSecurity in Dedicated Hosting

All of our dedicated servers that are set up with the Hepsia hosting Control Panel come with ModSecurity, so any program which you upload or install shall be secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. An independent section in Hepsia will permit you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you shall discover in the logs can easily allow you to to secure your Internet sites better - the IP an attack came from, what website was attacked and how, what ModSecurity rule was triggered, etc. With this information, you can see if a site needs an update, whether you ought to block IPs from accessing your hosting server, etc. On top of the third-party commercial security rules for ModSecurity we use, our administrators add custom ones too every time they discover a new threat which is not yet in the commercial bundle.