ModSecurity

: Terminology; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is an efficient firewall for Apache web servers that is used to prevent attacks towards web applications. It monitors the HTTP traffic to a specific site in real time and blocks any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to do this - as an example, attempting to log in to a script admin area unsuccessfully a few times activates one rule, sending a request to execute a particular file that may result in getting access to the website triggers another rule, and so on. ModSecurity is amongst the best firewalls available on the market and it'll protect even scripts which are not updated often because it can prevent attackers from employing known exploits and security holes. Very detailed information about each intrusion attempt is recorded and the logs the firewall keeps are a lot more comprehensive than the regular logs provided by the Apache server, so you can later analyze them and determine if you need to take more measures so as to improve the protection of your script-driven sites.

ModSecurity in Hosting

ModSecurity is provided with all hosting servers, so when you choose to host your websites with our firm, they will be protected against a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you will have to do on your end. You shall be able to stop ModSecurity for any website if needed, or to enable a detection mode, so all activity will be recorded, but the firewall will not take any real action. You will be able to view specific logs from your Hepsia CP including the IP where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the security of our clients' websites seriously, we use a group of commercial rules which we take from one of the leading companies which maintain such rules. Our admins also add custom rules to make certain that your websites will be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Hosting

Any web application you set up within your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is provided with all our hosting solutions and is turned on by default for any domain and subdomain that you include or create via your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section in Hepsia where not only can you activate or deactivate it entirely, but you may also activate a passive mode, so the firewall shall not block anything, but it shall still keep a record of potential attacks. This requires only a click and you'll be able to view the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was taken care of, etcetera. The firewall uses two groups of rules on our servers - a commercial one that we get from a third-party web security firm and a custom one that our administrators update manually in order to respond to recently discovered risks as soon as possible.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting CP, so your web apps shall be protected from the moment your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you can deactivate it with a mouse click through the corresponding section of Hepsia. You may also set it to work in detection mode, so it shall maintain a detailed log of any potential attacks without taking any action to stop them. The logs can be found in the very same section and offer information regarding the nature of the attack, what IP address it originated from and what ModSecurity rule was triggered to stop it. For best security, we use not simply commercial rules from a company working in the field of web security, but also custom ones that our administrators include personally so as to react to new risks which are still not addressed in the commercial rules.

ModSecurity in Dedicated Web Hosting

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain that you create on the server. In case that a web app does not work correctly, you can either turn off the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any possible attack that might take place, but shall not take any action to stop it. The logs generated in active or passive mode shall provide you with additional details about the exact file that was attacked, the nature of the attack and the IP address it came from, etcetera. This data will enable you to decide what actions you can take to enhance the security of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated constantly with a commercial package from a third-party security firm we work with, but sometimes our staff add their own rules also if they come across a new potential threat.