ModSecurity

: Definitions; Disk Space; Hepsia Control Panel; Hosted Domain Names; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order Now

ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and in case it detects an intrusion attempt, it prevents it. The firewall furthermore keeps a more detailed log for the site visitors than any server does, so you shall be able to monitor what's going on with your Internet sites much better than if you rely merely on standard logs. ModSecurity works with security rules based on which it stops attacks. For instance, it recognizes if somebody is attempting to log in to the admin area of a certain script a number of times or if a request is sent to execute a file with a specific command. In these circumstances these attempts set off the corresponding rules and the firewall blocks the attempts right away, after that records in-depth information about them inside its logs. ModSecurity is one of the very best software firewalls on the market and it could easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting plans which we provide and it will be turned on automatically for any domain or subdomain which you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to activate and deactivate it with just a click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to prevent them. The log for each of your sites will contain comprehensive information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are regularly updated and include both commercial ones which we get from a third-party security firm and custom ones which our system administrators add in the event that they detect a new sort of attacks. This way, the sites which you host here will be way more secure with no action expected on your end.

ModSecurity in Semi-dedicated Servers

Any web application which you install inside your new semi-dedicated server account will be protected by ModSecurity as the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain which you include or create through your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated section in Hepsia where not only can you activate or deactivate it entirely, but you may also enable a passive mode, so the firewall will not block anything, but it shall still keep an archive of possible attacks. This requires just a mouse click and you'll be able to look at the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, etc. The firewall employs two sets of rules on our machines - a commercial one that we get from a third-party web security company and a custom one which our admins update personally in order to respond to recently discovered threats as soon as possible.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers we offer and it shall be turned on automatically for every new domain or subdomain that you include on the server. This way, any web application which you install shall be protected immediately without doing anything manually on your end. The firewall can be managed through the section of the Control Panel that bears the same name. This is the location whereyou can switch off ModSecurity or activate its passive mode, so it shall not take any action towards threats, but shall still keep a thorough log. The recorded data is available in the same section as well and you'll be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules we employ on our servers are a mixture between commercial ones which we get from a security company and custom ones that are included by our administrators to optimize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the hosting server. Just in case that a web app doesn't operate properly, you could either switch off the firewall or set it to work in passive mode. The second means that ModSecurity shall maintain a log of any possible attack that might happen, but will not take any action to prevent it. The logs created in active or passive mode shall provide you with additional details about the exact file which was attacked, the type of the attack and the IP address it originated from, etcetera. This info shall allow you to determine what actions you can take to boost the safety of your websites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated regularly with a commercial package from a third-party security provider we work with, but oftentimes our administrators add their own rules too in case they discover a new potential threat.