ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Hosted Domain Names; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a powerful firewall for Apache web servers that is used to stop attacks towards web apps. It tracks the HTTP traffic to a certain site in real time and stops any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to do that - as an example, attempting to log in to a script administrator area unsuccessfully several times sets off one rule, sending a request to execute a certain file which may result in gaining access to the site triggers another rule, and so forth. ModSecurity is among the best firewalls around and it will secure even scripts which are not updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Quite detailed information about every intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the regular logs generated by the Apache server, so you could later take a look at them and determine if you need to take extra measures in order to boost the protection of your script-driven websites.

ModSecurity in Web Hosting

ModSecurity is available on all web hosting machines, so when you decide to host your Internet sites with our organization, they shall be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you shall need to do on your end. You will be able to stop ModSecurity for any Internet site if needed, or to activate a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view detailed logs through your Hepsia Control Panel including the IP address where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the security of our clients' sites seriously, we employ a collection of commercial rules that we take from one of the top companies which maintain such rules. Our admins also include custom rules to make sure that your sites shall be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting packages and if you choose to host your sites with us, there won't be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains that you include using your hosting Control Panel. If needed, you can disable ModSecurity for a certain site or activate the so-called detection mode in which case the firewall shall still operate and record information, but shall not do anything to stop potential attacks against your sites. In depth logs will be available inside your CP and you'll be able to see what type of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, etcetera. We use 2 sorts of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom ones that our administrators sometimes add to respond to newly identified threats on time.

ModSecurity in VPS Web Hosting

All virtual private servers that are offered with the Hepsia CP come with ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the server, so there will not be anything special which you will have to do to protect your Internet sites. It shall take you just a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what goes on without taking any measures to prevent intrusions. You shall be able to look at the logs produced in active or passive mode from the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall used to deal with it, and so forth. We use a mixture of commercial and custom rules so as to make certain that ModSecurity shall stop as many threats as possible, consequently improving the security of your web programs as much as possible.

ModSecurity in Dedicated Servers Hosting

All our dedicated servers which are installed with the Hepsia hosting CP feature ModSecurity, so any program you upload or install will be properly secured from the very beginning and you will not have to worry about common attacks or vulnerabilities. A separate section within Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you shall find in the logs can easily enable you to to secure your websites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, etc. With this data, you can see if a site needs an update, if you need to block IPs from accessing your server, etc. Besides the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones too if they find a new threat that is not yet a part of the commercial bundle.