ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Bandwidth; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Join us

ModSecurity is an effective firewall for Apache web servers that is used to prevent attacks against web apps. It tracks the HTTP traffic to a specific site in real time and stops any intrusion attempts the instant it detects them. The firewall uses a set of rules to do this - for example, trying to log in to a script administrator area unsuccessfully several times triggers one rule, sending a request to execute a certain file that could result in getting access to the Internet site triggers another rule, and so forth. ModSecurity is one of the best firewalls available on the market and it will secure even scripts that are not updated regularly as it can prevent attackers from employing known exploits and security holes. Very comprehensive information about every intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the standard logs provided by the Apache server, so you could later examine them and determine if you need to take more measures in order to boost the protection of your script-driven sites.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting solutions that we provide and it will be switched on automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could switch on and deactivate it with a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your Internet sites shall feature comprehensive info such as the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules which we use are frequently updated and incorporate both commercial ones we get from a third-party security company and custom ones which our system administrators add in the event that they detect a new kind of attacks. That way, the sites you host here shall be way more protected without any action expected on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer come with ModSecurity and given that the firewall is turned on by default, any site you create under a domain or a subdomain will be protected straight away. An individual section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to start and stop the firewall for any site or activate a detection mode. With the last mentioned, ModSecurity won't take any action, but it shall still detect possible attacks and shall keep all information within a log as if it were fully active. The logs can be found within the exact same section of the Control Panel and they feature information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules which we use on our machines are a mix between commercial ones from a security firm and custom ones made by our system admins. For that reason, we provide greater security for your web programs as we can protect them from attacks before security businesses release updates for new threats.

ModSecurity in Dedicated Web Hosting

ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain that you create on the hosting server. In the event that a web app doesn't operate adequately, you can either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any possible attack which may happen, but won't take any action to prevent it. The logs generated in active or passive mode shall present you with more details about the exact file that was attacked, the form of the attack and the IP address it originated from, and so on. This information will enable you to determine what actions you can take to improve the security of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial package from a third-party security provider we work with, but oftentimes our administrators add their own rules also when they identify a new potential threat.