ModSecurity

: Glossary; Disk Space; Hepsia Control Panel; Hosted Domains; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Join us

ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and if it detects an intrusion attempt, it blocks it. The firewall also keeps a more thorough log for the site visitors than any server does, so you'll be able to keep an eye on what's going on with your websites a lot better than if you rely simply on standard logs. ModSecurity works with security rules based on which it stops attacks. For example, it recognizes if anyone is attempting to log in to the admin area of a specific script several times or if a request is sent to execute a file with a specific command. In these circumstances these attempts set off the corresponding rules and the firewall software blocks the attempts in real time, and then records detailed info about them inside its logs. ModSecurity is one of the very best software firewalls on the market and it can easily protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Shared Web Hosting

ModSecurity comes by default with all shared web hosting solutions which we supply and it shall be switched on automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you can switch on and deactivate it with simply a click or set it to detection mode, so it shall maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your Internet sites will feature detailed information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules we use are regularly updated and consist of both commercial ones that we get from a third-party security firm and custom ones that our system administrators add in the event that they detect a new kind of attacks. In this way, the sites you host here will be a lot more protected without any action needed on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions that we offer feature ModSecurity and since the firewall is turned on by default, any site which you build under a domain or a subdomain shall be protected straight away. An individual section in the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will enable you to start and stop the firewall for any Internet site or enable a detection mode. With the last mentioned, ModSecurity will not take any action, but it'll still recognize possible attacks and will keep all info in a log as if it were fully active. The logs can be found within the same section of the Control Panel and they offer specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules we employ on our servers are a mix between commercial ones from a security firm and custom ones created by our system admins. Therefore, we offer increased security for your web apps as we can shield them from attacks before security businesses release updates for new threats.

ModSecurity in Dedicated Servers

All of our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any app you upload or set up shall be protected from the very beginning and you will not need to stress about common attacks or vulnerabilities. A separate section in Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you'll find in the logs shall help you to secure your websites better - the IP address an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, and so on. With this data, you could see whether a site needs an update, whether you ought to block IPs from accessing your hosting server, etc. On top of the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well when they discover a new threat that is not yet a part of the commercial bundle.