ModSecurity

: Hosting Definitions; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Purchase

ModSecurity is a highly effective firewall for Apache web servers which is used to stop attacks toward web apps. It monitors the HTTP traffic to a certain website in real time and blocks any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to accomplish that - for example, attempting to log in to a script administration area unsuccessfully many times triggers one rule, sending a request to execute a specific file that may result in accessing the site triggers a different rule, and so forth. ModSecurity is among the best firewalls around and it will secure even scripts which aren't updated regularly because it can prevent attackers from using known exploits and security holes. Incredibly comprehensive data about each intrusion attempt is recorded and the logs the firewall maintains are considerably more specific than the standard logs provided by the Apache server, so you could later take a look at them and decide if you need to take extra measures so as to improve the safety of your script-driven websites.

ModSecurity in Website Hosting

ModSecurity comes standard with all website hosting solutions that we offer and it will be turned on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you can switch on and deactivate it with a click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to stop them. The log for any of your sites will contain in-depth info such as the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules which we use are regularly updated and comprise of both commercial ones we get from a third-party security company and custom ones that our system administrators include in case that they detect a new sort of attacks. This way, the Internet sites you host here will be a lot more protected with no action needed on your end.

ModSecurity in Semi-dedicated Hosting

We've integrated ModSecurity as a standard within all semi-dedicated hosting plans, so your web apps shall be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will permit you to activate or disable the firewall for any Internet site with a mouse click. You will also be able to turn on a passive detection mode in which ModSecurity shall keep a log of potential attacks without actually preventing them. The comprehensive logs include things like the nature of the attack and what ModSecurity response that attack generated, where it originated from, etc. The list of rules which we use is regularly updated as to match any new risks that could appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones which our admins add in case they find a threat that is not present inside the commercial list yet.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers which are offered with the Hepsia hosting Control Panel, so your web programs shall be protected from the second your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you could deactivate it with a mouse click via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll keep a detailed log of any possible attacks without taking any action to prevent them. The logs are available within the very same section and include information about the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For maximum security, we use not only commercial rules from a firm working in the field of web security, but also custom ones that our administrators include manually so as to react to new risks which are still not tackled in the commercial rules.

ModSecurity in Dedicated Web Hosting

All our dedicated servers that are installed with the Hepsia hosting CP feature ModSecurity, so any app that you upload or set up will be protected from the very beginning and you will not have to concern yourself with common attacks or vulnerabilities. An individual section inside Hepsia will allow you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but doesn't take actions to stop them. What you'll find in the logs can easily enable you to to secure your websites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, and so forth. With this information, you'll be able to see if a website needs an update, if you need to block IPs from accessing your server, and so on. On top of the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too every time they come across a new threat that is not yet a part of the commercial bundle.