ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Sign Up

ModSecurity is an effective firewall for Apache web servers which is employed to prevent attacks against web apps. It monitors the HTTP traffic to a given site in real time and prevents any intrusion attempts the moment it identifies them. The firewall uses a set of rules to accomplish that - as an illustration, trying to log in to a script admin area without success many times triggers one rule, sending a request to execute a particular file that may result in gaining access to the site triggers a different rule, and so forth. ModSecurity is amongst the best firewalls around and it'll protect even scripts which aren't updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Incredibly detailed info about every intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the regular logs created by the Apache server, so you could later analyze them and determine if you need to take more measures so as to increase the security of your script-driven Internet sites.

ModSecurity in Shared Web Hosting

ModSecurity comes standard with all shared web hosting plans which we supply and it will be switched on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and deactivate it with a click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your sites shall feature in-depth info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and include both commercial ones which we get from a third-party security firm and custom ones that our system administrators include in the event that they detect a new sort of attacks. This way, the Internet sites that you host here shall be way more protected without any action needed on your end.

ModSecurity in Semi-dedicated Hosting

Any web program which you set up inside your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall is included with all our hosting plans and is switched on by default for any domain and subdomain which you include or create via your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area within Hepsia where not only can you activate or deactivate it completely, but you may also enable a passive mode, so the firewall shall not stop anything, but it shall still keep an archive of possible attacks. This requires only a click and you will be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was taken care of, and so forth. The firewall employs 2 groups of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one that our admins update personally in order to respond to newly discovered threats as fast as possible.

ModSecurity in VPS Hosting

ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it'll be turned on automatically for any new domain or subdomain which you add on the web server. That way, any web app you install will be protected right away without doing anything personally on your end. The firewall can be handled through the section of the CP which has the same name. This is the area in whichyou could disable ModSecurity or activate its passive mode, so it won't take any action against threats, but will still keep a thorough log. The recorded information is available inside the same section as well and you will be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules which we use on our servers are a blend between commercial ones that we get from a security firm and custom ones that are included by our admins to maximize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Web Hosting

ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you'll not have to do anything specific on your end to use it because it's switched on by default whenever you include a new domain or subdomain on your web server. In the event that it disrupts any of your apps, you'll be able to stop it via the respective part of Hepsia, or you could leave it in passive mode, so it will recognize attacks and shall still keep a log for them, but shall not prevent them. You'll be able to look at the logs later to determine what you can do to improve the protection of your sites since you shall find information such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity responded, and so on. The rules that we employ are commercial, hence they're frequently updated by a security provider, but to be on the safe side, our admins also add custom rules from time to time in order to react to any new threats they have found.