ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Join us

ModSecurity is an efficient firewall for Apache web servers which is employed to stop attacks toward web applications. It monitors the HTTP traffic to a specific website in real time and blocks any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do this - for example, trying to log in to a script admin area without success many times triggers one rule, sending a request to execute a particular file that could result in accessing the website triggers another rule, and so forth. ModSecurity is amongst the best firewalls available and it will secure even scripts which aren't updated regularly since it can prevent attackers from using known exploits and security holes. Quite comprehensive info about each intrusion attempt is recorded and the logs the firewall keeps are much more specific than the standard logs created by the Apache server, so you could later take a look at them and decide if you need to take more measures in order to enhance the protection of your script-driven sites.

ModSecurity in Shared Hosting

ModSecurity is available on all shared hosting machines, so when you opt to host your sites with our organization, they will be protected against an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you will need to do on your end. You shall be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs through your Hepsia CP including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the protection of our customers' sites seriously, we use a collection of commercial rules which we get from one of the leading companies that maintain such rules. Our administrators also include custom rules to make sure that your Internet sites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

Any web app which you install within your new semi-dedicated server account shall be protected by ModSecurity as the firewall is provided with all our hosting packages and is activated by default for any domain and subdomain which you include or create through your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated area in Hepsia where not only can you activate or deactivate it entirely, but you could also switch on a passive mode, so the firewall will not stop anything, but it will still keep an archive of potential attacks. This requires just a mouse click and you shall be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, and so forth. The firewall uses two sets of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update personally in order to respond to recently discovered risks as soon as possible.

ModSecurity in Dedicated Servers

All of our dedicated servers that are set up with the Hepsia hosting Control Panel come with ModSecurity, so any application that you upload or set up shall be properly secured from the very beginning and you will not need to bother about common attacks or vulnerabilities. A separate section in Hepsia will allow you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you shall see in the logs can easily enable you to to secure your Internet sites better - the IP address an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, etc. With this information, you could see if a website needs an update, whether you should block IPs from accessing your web server, and so on. Aside from the third-party commercial security rules for ModSecurity that we use, our admins add custom ones too if they find a new threat which is not yet a part of the commercial bundle.