ModSecurity

: Terminology; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Purchase

ModSecurity is a powerful firewall for Apache web servers that is used to stop attacks towards web applications. It monitors the HTTP traffic to a given Internet site in real time and stops any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do that - as an example, trying to log in to a script administration area unsuccessfully a few times activates one rule, sending a request to execute a certain file that could result in getting access to the site triggers another rule, etcetera. ModSecurity is among the best firewalls out there and it'll preserve even scripts that are not updated regularly because it can prevent attackers from using known exploits and security holes. Incredibly thorough information about each intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the conventional logs created by the Apache server, so you could later take a look at them and decide whether you need to take extra measures in order to improve the protection of your script-driven sites.

ModSecurity in Hosting

ModSecurity is supplied with all hosting servers, so if you opt to host your Internet sites with our company, they will be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any website if needed, or to enable a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view specific logs using your Hepsia CP including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the security of our clients' websites seriously, we employ a group of commercial rules which we take from one of the top firms that maintain this sort of rules. Our admins also add custom rules to make sure that your Internet sites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Servers

Any web app that you install within your new semi-dedicated server account shall be protected by ModSecurity as the firewall is included with all our hosting plans and is switched on by default for any domain and subdomain that you include or create through your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated area inside Hepsia where not only could you activate or deactivate it fully, but you can also activate a passive mode, so the firewall will not block anything, but it shall still maintain an archive of possible attacks. This requires just a mouse click and you will be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, and so forth. The firewall employs 2 groups of rules on our machines - a commercial one which we get from a third-party web security company and a custom one which our administrators update personally in order to respond to recently discovered risks as soon as possible.

ModSecurity in Dedicated Servers

All of our dedicated servers that are set up with the Hepsia hosting CP include ModSecurity, so any app which you upload or set up shall be properly secured from the very beginning and you will not have to bother about common attacks or vulnerabilities. A separate section inside Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you will discover in the logs can easily help you to secure your Internet sites better - the IP address an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this info, you could see whether a website needs an update, if you should block IPs from accessing your web server, and so on. Aside from the third-party commercial security rules for ModSecurity we use, our admins include custom ones as well if they find a new threat that's not yet included in the commercial bundle.