ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Get Started

ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and when it detects an intrusion attempt, it prevents it. The firewall also maintains a more thorough log for the traffic than any web server does, so you shall manage to keep track of what's going on with your websites a lot better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it stops attacks. For example, it identifies if anyone is attempting to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a specific command. In these circumstances these attempts set off the corresponding rules and the firewall hinders the attempts right away, and then records comprehensive info about them within its logs. ModSecurity is one of the most effective software firewalls available and it could easily protect your web apps against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Hosting

ModSecurity can be found with every hosting package that we provide and it's activated by default for every domain or subdomain that you add through your Hepsia CP. In the event that it disrupts any of your apps or you'd like to disable it for whatever reason, you will be able to achieve that through the ModSecurity area of Hepsia with only a click. You may also use a passive mode, so the firewall will recognize possible attacks and maintain a log, but will not take any action. You could view comprehensive logs in the very same section, including the IP address where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, etc. For maximum security of our clients we use a collection of commercial firewall rules mixed with custom ones that are included by our system admins.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting packages and if you choose to host your websites with us, there shall not be anything special you will have to do since the firewall is switched on by default for all domains and subdomains you include using your hosting CP. If required, you'll be able to disable ModSecurity for a certain website or turn on the so-called detection mode in which case the firewall shall still function and record data, but shall not do anything to stop potential attacks against your sites. In depth logs shall be available inside your Control Panel and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, etcetera. We employ 2 kinds of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones that our administrators occasionally add to respond to newly found threats in a timely manner.

ModSecurity in VPS Web Hosting

ModSecurity is provided with all Hepsia-based virtual private servers we offer and it'll be activated automatically for every new domain or subdomain which you add on the hosting server. In this way, any web application which you install shall be secured right away without doing anything personally on your end. The firewall may be handled via the section of the Control Panel which has the same name. This is the place in whichyou'll be able to turn off ModSecurity or activate its passive mode, so it will not take any action against threats, but will still keep a comprehensive log. The recorded info is available inside the same section as well and you will be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules we use on our servers are a blend between commercial ones which we get from a security organization and custom ones that are added by our staff to maximize the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the server. Just in case that a web app doesn't work adequately, you can either turn off the firewall or set it to function in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which might occur, but will not take any action to prevent it. The logs created in passive or active mode shall give you more details about the exact file which was attacked, the type of the attack and the IP address it came from, and so on. This information will permit you to choose what measures you can take to enhance the protection of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial pack from a third-party security company we work with, but occasionally our admins include their own rules also if they find a new potential threat.