ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Sign Up

ModSecurity is an effective firewall for Apache web servers that is employed to prevent attacks against web apps. It monitors the HTTP traffic to a given site in real time and prevents any intrusion attempts the instant it identifies them. The firewall uses a set of rules to accomplish that - for instance, attempting to log in to a script administration area unsuccessfully a few times triggers one rule, sending a request to execute a certain file which could result in accessing the site triggers another rule, etcetera. ModSecurity is among the best firewalls available on the market and it will secure even scripts which aren't updated regularly as it can prevent attackers from using known exploits and security holes. Very detailed data about each and every intrusion attempt is recorded and the logs the firewall keeps are much more specific than the standard logs created by the Apache server, so you could later take a look at them and decide if you need to take more measures so as to boost the protection of your script-driven sites.

ModSecurity in Shared Hosting

ModSecurity is supplied with all shared hosting web servers, so when you opt to host your sites with our firm, they shall be shielded from an array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so all activity will be recorded, but the firewall won't take any real action. You'll be able to view comprehensive logs from your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the security of our clients' websites very seriously, we employ a collection of commercial rules that we take from one of the best companies that maintain this sort of rules. Our administrators also add custom rules to make certain that your sites shall be protected against as many threats as possible.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity by default in all semi-dedicated server packages, so your web applications will be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will permit you to enable or turn off the firewall for any site with a click. You'll also have the ability to activate a passive detection mode through which ModSecurity shall keep a log of potential attacks without actually stopping them. The thorough logs contain the nature of the attack and what ModSecurity response that attack initiated, where it originated from, and so on. The list of rules we use is regularly updated as to match any new risks that might appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones which our admins include in the event that they find a threat that's not present inside the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers which we offer and it shall be activated automatically for every new domain or subdomain you include on the web server. In this way, any web app you install shall be protected right away without doing anything personally on your end. The firewall may be managed through the section of the Control Panel that bears the same name. This is the area in whichyou can turn off ModSecurity or let its passive mode, so it won't take any action toward threats, but shall still keep a detailed log. The recorded information is available in the same area as well and you will be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we employ on our servers are a mix between commercial ones that we obtain from a security firm and custom ones that are added by our admins to optimize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. Just in case that a web application does not function properly, you can either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity shall keep a log of any potential attack which could occur, but won't take any action to prevent it. The logs generated in passive or active mode will give you more details about the exact file which was attacked, the type of the attack and the IP address it originated from, and so on. This info shall enable you to choose what steps you can take to enhance the safety of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated frequently with a commercial package from a third-party security enterprise we work with, but occasionally our administrators include their own rules also if they identify a new potential threat.