ModSecurity

: Definitions; Disk Space; Hepsia Control Panel; Hosted Domain Names; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Join us

ModSecurity is a highly effective firewall for Apache web servers that is employed to stop attacks against web applications. It monitors the HTTP traffic to a certain site in real time and blocks any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to accomplish that - for instance, trying to log in to a script administration area unsuccessfully several times activates one rule, sending a request to execute a certain file which could result in accessing the website triggers another rule, and so forth. ModSecurity is among the best firewalls available and it'll secure even scripts which are not updated often because it can prevent attackers from employing known exploits and security holes. Quite thorough data about every intrusion attempt is recorded and the logs the firewall keeps are considerably more comprehensive than the regular logs generated by the Apache server, so you may later analyze them and decide if you need to take more measures so as to increase the safety of your script-driven websites.

ModSecurity in Cloud Web Hosting

ModSecurity comes standard with all cloud web hosting plans which we supply and it shall be switched on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has three different modes, so you could switch on and deactivate it with simply a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to prevent them. The log for any of your websites shall include in-depth information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are regularly updated and include both commercial ones we get from a third-party security firm and custom ones that our system admins add in the event that they detect a new kind of attacks. That way, the sites you host here shall be way more protected with no action required on your end.

ModSecurity in Semi-dedicated Servers

Any web app which you install inside your new semi-dedicated server account shall be protected by ModSecurity since the firewall is provided with all our hosting solutions and is switched on by default for any domain and subdomain that you include or create using your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated section in Hepsia where not only can you activate or deactivate it entirely, but you can also enable a passive mode, so the firewall shall not block anything, but it'll still keep an archive of possible attacks. This normally requires simply a click and you shall be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, and so on. The firewall employs two sets of rules on our servers - a commercial one which we get from a third-party web security company and a custom one that our admins update personally in order to respond to recently discovered threats as fast as possible.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers we offer and it'll be turned on automatically for every new domain or subdomain that you add on the server. This way, any web app which you install will be protected right away without doing anything by hand on your end. The firewall could be handled through the section of the Control Panel which bears the same name. This is the location whereyou could switch off ModSecurity or activate its passive mode, so it won't take any action towards threats, but shall still keep a comprehensive log. The recorded info is available in the same area as well and you shall be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we use on our servers are a combination between commercial ones that we obtain from a security firm and custom ones which are added by our admins to maximize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. Just in case that a web app does not work adequately, you could either switch off the firewall or set it to work in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack which could happen, but will not take any action to prevent it. The logs produced in passive or active mode will provide you with additional details about the exact file that was attacked, the form of the attack and the IP address it came from, and so on. This info shall permit you to decide what steps you can take to improve the security of your websites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated often with a commercial pack from a third-party security enterprise we work with, but from time to time our administrators add their own rules too in the event that they identify a new potential threat.