ModSecurity

: Glossary; Disk Space; Hepsia Control Panel; Hosted Domains; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Join us

ModSecurity is a powerful firewall for Apache web servers which is employed to stop attacks against web applications. It monitors the HTTP traffic to a certain website in real time and prevents any intrusion attempts as soon as it detects them. The firewall uses a set of rules to accomplish that - for example, attempting to log in to a script administrator area without success a few times triggers one rule, sending a request to execute a certain file that may result in gaining access to the site triggers a different rule, etc. ModSecurity is amongst the best firewalls out there and it will protect even scripts that are not updated regularly because it can prevent attackers from employing known exploits and security holes. Quite comprehensive info about each intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the conventional logs created by the Apache server, so you may later analyze them and decide whether you need to take additional measures in order to boost the security of your script-driven sites.

ModSecurity in Shared Hosting

ModSecurity is provided with all shared hosting servers, so when you decide to host your sites with our business, they shall be shielded from a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you will need to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so all activity will be recorded, but the firewall won't take any real action. You'll be able to view specific logs from your Hepsia Control Panel including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity handled the threat. As we take the security of our clients' Internet sites seriously, we use a set of commercial rules that we take from one of the leading firms that maintain such rules. Our administrators also add custom rules to make sure that your sites shall be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer feature ModSecurity and because the firewall is turned on by default, any site which you build under a domain or a subdomain will be secured immediately. A separate section in the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will allow you to stop and start the firewall for any site or switch on a detection mode. With the latter, ModSecurity shall not take any action, but it shall still identify possible attacks and shall keep all information in a log as if it were 100% active. The logs can be found in the exact same section of the Control Panel and they include details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules that we employ on our machines are a mix of commercial ones from a security business and custom ones created by our system administrators. Therefore, we offer increased security for your web programs as we can defend them from attacks before security businesses release updates for brand new threats.

ModSecurity in VPS

Protection is of the utmost importance to us, so we install ModSecurity on all virtual private servers that are provided with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section within Hepsia and is activated automatically when you add a new domain or generate a subdomain, so you won't have to do anything manually. You shall also be able to deactivate it or switch on the so-called detection mode, so it shall keep a log of possible attacks that you can later analyze, but won't block them. The logs in both passive and active modes include details regarding the kind of the attack and how it was eliminated, what IP address it originated from and other valuable data that could help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. In addition to the commercial rules that we get for ModSecurity from a third-party security firm, we also implement our own rules as from time to time we find specific attacks that are not yet present inside the commercial pack. This way, we could boost the protection of your Virtual private server instantly instead of awaiting an official update.

ModSecurity in Dedicated Hosting

ModSecurity is provided with all dedicated servers that are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to use it because it is enabled by default every time you include a new domain or subdomain on your server. In case it interferes with any of your applications, you will be able to stop it through the respective part of Hepsia, or you could leave it working in passive mode, so it'll identify attacks and shall still keep a log for them, but shall not prevent them. You could examine the logs later to learn what you can do to enhance the safety of your Internet sites since you shall find info such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity responded, etc. The rules that we employ are commercial, thus they are constantly updated by a security company, but to be on the safe side, our administrators also include custom rules once in a while as to respond to any new threats they have discovered.