ModSecurity

: Definitions; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Bandwidth; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order Now

ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and when it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the website visitors than any server does, so you'll be able to keep track of what's happening with your Internet sites a lot better than if you rely merely on standard logs. ModSecurity uses security rules based on which it prevents attacks. For example, it identifies whether somebody is attempting to log in to the administration area of a specific script multiple times or if a request is sent to execute a file with a certain command. In such situations these attempts set off the corresponding rules and the firewall blocks the attempts in real time, and then records comprehensive details about them inside its logs. ModSecurity is among the very best software firewalls available and it could easily protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Website Hosting

ModSecurity comes standard with all website hosting solutions that we provide and it will be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can switch on and disable it with simply a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for each of your Internet sites shall feature detailed information including the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are frequently updated and consist of both commercial ones we get from a third-party security firm and custom ones our system admins add in case that they detect a new sort of attacks. That way, the Internet sites which you host here will be way more secure without any action required on your end.

ModSecurity in Semi-dedicated Hosting

We have included ModSecurity as a standard within all semi-dedicated hosting products, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any website with a click. You'll also be able to switch on a passive detection mode through which ModSecurity will maintain a log of potential attacks without actually preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response that attack caused, where it originated from, etc. The list of rules we use is frequently updated in order to match any new threats that might appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones that our administrators add in case they discover a threat that's not present inside the commercial list yet.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting CP, so your web programs will be protected from the instant your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if required, you'll be able to deactivate it with a click of your mouse from the corresponding section of Hepsia. You can also set it to function in detection mode, so it will keep a detailed log of any possible attacks without taking any action to prevent them. The logs can be found within the exact same section and offer details about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For optimum security, we use not just commercial rules from a company operating in the field of web security, but also custom ones which our admins add manually in order to react to new risks which are still not addressed in the commercial rules.

ModSecurity in Dedicated Hosting

When you opt to host your Internet sites on a dedicated server with the Hepsia CP, your web programs shall be secured straight away because ModSecurity is supplied with all Hepsia-based plans. You shall be able to regulate the firewall without difficulty and if required, you'll be able to turn it off or switch on its passive mode when it'll only maintain a log of what's going on without taking any action to stop possible attacks. The logs that you'll find in the same section of the Control Panel are quite detailed and feature details about the attacker IP, what site and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, etcetera. This information shall permit you to take measures and improve the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our administrators add every time they detect attacks which have not yet been included inside the commercial pack.