ModSecurity

: Terminology; Disk Space; Hepsia Control Panel; Hosted Domain Names; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Purchase

ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and in case it identifies an intrusion attempt, it blocks it. The firewall also keeps a more detailed log for the traffic than any server does, so you will be able to keep track of what's going on with your websites much better than if you rely only on conventional logs. ModSecurity works with security rules based on which it stops attacks. For instance, it identifies whether somebody is attempting to log in to the administration area of a specific script multiple times or if a request is sent to execute a file with a particular command. In these cases these attempts trigger the corresponding rules and the firewall software blocks the attempts right away, then records detailed info about them in its logs. ModSecurity is one of the very best software firewalls available and it can protect your web apps against many threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Shared Website Hosting

We provide ModSecurity with all shared website hosting plans, so your Internet apps shall be resistant to harmful attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you'll be able to stop it via the respective section of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you shall find in Hepsia are quite detailed and include data about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etc. We use a group of commercial rules that are frequently updated, but sometimes our administrators include custom rules as well in order to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

Any web program you set up within your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is included with all our hosting plans and is turned on by default for any domain and subdomain which you include or create via your Hepsia hosting Control Panel. You'll be able to manage ModSecurity via a dedicated section inside Hepsia where not only could you activate or deactivate it completely, but you can also activate a passive mode, so the firewall shall not block anything, but it shall still maintain an archive of potential attacks. This requires just a click and you'll be able to look at the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, and so on. The firewall uses two groups of rules on our servers - a commercial one which we get from a third-party web security company and a custom one that our administrators update personally in order to respond to recently discovered threats immediately.

ModSecurity in VPS Hosting

ModSecurity is included with all Hepsia-based virtual private servers we offer and it'll be turned on automatically for any new domain or subdomain you include on the hosting server. That way, any web application that you install will be protected right away without doing anything manually on your end. The firewall may be handled via the section of the Control Panel that bears the same name. This is the area whereyou'll be able to disable ModSecurity or let its passive mode, so it will not take any action toward threats, but will still maintain a detailed log. The recorded info is available within the same section as well and you shall be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules which we employ on our servers are a mix between commercial ones that we obtain from a security firm and custom ones that are included by our administrators to enhance the protection of any web applications hosted on our end.

ModSecurity in Dedicated Web Hosting

If you opt to host your websites on a dedicated server with the Hepsia CP, your web programs shall be secured right from the start because ModSecurity is available with all Hepsia-based solutions. You'll be able to control the firewall effortlessly and if needed, you will be able to turn it off or activate its passive mode when it will only maintain a log of what's going on without taking any action to stop potential attacks. The logs that you can find inside the exact same section of the CP are quite detailed and feature details about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etc. This data shall allow you to take measures and increase the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our administrators include every time they identify attacks that haven't yet been included in the commercial pack.