ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Join us

ModSecurity is a highly effective firewall for Apache web servers which is employed to stop attacks against web apps. It monitors the HTTP traffic to a certain site in real time and blocks any intrusion attempts as soon as it detects them. The firewall uses a set of rules to accomplish that - for example, attempting to log in to a script administration area unsuccessfully a few times triggers one rule, sending a request to execute a particular file that could result in getting access to the site triggers a different rule, and so on. ModSecurity is one of the best firewalls on the market and it'll secure even scripts that are not updated on a regular basis since it can prevent attackers from using known exploits and security holes. Very comprehensive data about every single intrusion attempt is recorded and the logs the firewall keeps are much more specific than the regular logs created by the Apache server, so you could later analyze them and decide whether you need to take more measures in order to enhance the safety of your script-driven websites.

ModSecurity in Cloud Website Hosting

ModSecurity comes by default with all cloud website hosting packages that we provide and it'll be switched on automatically for any domain or subdomain which you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to activate and deactivate it with a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for each of your sites will feature elaborate info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules we use are frequently updated and consist of both commercial ones that we get from a third-party security company and custom ones which our system administrators include in case that they detect a new kind of attacks. In this way, the websites which you host here will be a lot more secure with no action expected on your end.

ModSecurity in Semi-dedicated Hosting

Any web app that you install within your new semi-dedicated hosting account will be protected by ModSecurity since the firewall is included with all our hosting packages and is activated by default for any domain and subdomain you include or create via your Hepsia hosting Control Panel. You'll be able to manage ModSecurity via a dedicated section inside Hepsia where not only can you activate or deactivate it fully, but you could also enable a passive mode, so the firewall won't stop anything, but it shall still keep an archive of potential attacks. This takes simply a mouse click and you shall be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, etc. The firewall uses 2 sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our administrators update manually in order to respond to recently discovered threats as quickly as possible.

ModSecurity in VPS Hosting

ModSecurity comes with all Hepsia-based virtual private servers which we offer and it will be activated automatically for any new domain or subdomain that you include on the server. This way, any web application you install shall be protected right from the start without doing anything manually on your end. The firewall can be managed from the section of the CP that has the same name. This is the area whereyou could turn off ModSecurity or enable its passive mode, so it won't take any action toward threats, but shall still maintain a detailed log. The recorded information is available inside the same area as well and you'll be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we use on our servers are a mixture between commercial ones which we obtain from a security firm and custom ones that are included by our staff to enhance the security of any web apps hosted on our end.

ModSecurity in Dedicated Web Hosting

If you opt to host your websites on a dedicated server with the Hepsia CP, your web applications shall be secured immediately since ModSecurity is supplied with all Hepsia-based packages. You will be able to control the firewall effortlessly and if required, you will be able to turn it off or activate its passive mode when it will only keep a log of what is occurring without taking any action to stop possible attacks. The logs that you can find inside the exact same section of the Control Panel are extremely detailed and include info about the attacker IP address, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so on. This info shall allow you to take measures and increase the security of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our staff include whenever they recognize attacks that have not yet been included inside the commercial pack.