ModSecurity

: Definitions; Disk Space; Hepsia Control Panel; Hosted Domains; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; Setup Fees; Free Website Themes; Zend Optimizer; Order

ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and in case it identifies an intrusion attempt, it blocks it. The firewall also keeps a more comprehensive log for the site visitors than any web server does, so you'll be able to keep an eye on what is happening with your websites a lot better than if you rely only on conventional logs. ModSecurity employs security rules based on which it stops attacks. For instance, it detects whether somebody is trying to log in to the administration area of a given script a number of times or if a request is sent to execute a file with a certain command. In these situations these attempts set off the corresponding rules and the firewall software blocks the attempts right away, then records in-depth info about them in its logs. ModSecurity is among the best software firewalls out there and it can easily protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Shared Web Hosting

ModSecurity comes by default with all shared web hosting plans which we provide and it'll be switched on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has three different modes, so you could switch on and disable it with a click or set it to detection mode, so it will keep a log of all attacks, but it will not do anything to prevent them. The log for each of your websites shall include in-depth information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are regularly updated and incorporate both commercial ones which we get from a third-party security business and custom ones which our system administrators add in case that they detect a new sort of attacks. In this way, the Internet sites that you host here will be way more secure without any action expected on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions that we offer come with ModSecurity and since the firewall is enabled by default, any website which you create under a domain or a subdomain will be secured right from the start. An independent section in the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will enable you to stop and start the firewall for any website or activate a detection mode. With the last option, ModSecurity won't take any action, but it will still detect possible attacks and will keep all data within a log as if it were fully active. The logs could be found inside the same section of the CP and they offer specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules that we employ on our machines are a mix of commercial ones from a security business and custom ones created by our system administrators. For that reason, we provide higher security for your web programs as we can protect them from attacks before security firms release updates for brand new threats.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers we offer and it will be activated automatically for any new domain or subdomain which you add on the hosting server. In this way, any web app which you install will be secured from the very beginning without doing anything personally on your end. The firewall could be managed from the section of the Control Panel that has the same name. This is the location whereyou could disable ModSecurity or enable its passive mode, so it will not take any action towards threats, but shall still keep a comprehensive log. The recorded information is available inside the same area as well and you'll be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules we use on our servers are a mixture between commercial ones that we obtain from a security organization and custom ones which are included by our staff to enhance the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the server. Just in case that a web app doesn't work properly, you can either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall keep a log of any potential attack that might occur, but won't take any action to prevent it. The logs created in passive or active mode shall provide you with additional details about the exact file that was attacked, the type of the attack and the IP it originated from, and so forth. This info shall enable you to decide what measures you can take to enhance the protection of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated often with a commercial bundle from a third-party security enterprise we work with, but from time to time our staff add their own rules too in case they identify a new potential threat.