ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a highly effective firewall for Apache web servers which is used to stop attacks against web applications. It keeps track of the HTTP traffic to a certain website in real time and stops any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to accomplish that - for example, attempting to log in to a script administrator area without success several times triggers one rule, sending a request to execute a specific file which could result in accessing the website triggers another rule, and so on. ModSecurity is one of the best firewalls around and it'll protect even scripts which aren't updated on a regular basis since it can prevent attackers from using known exploits and security holes. Very detailed data about every single intrusion attempt is recorded and the logs the firewall maintains are a lot more specific than the standard logs provided by the Apache server, so you can later take a look at them and decide if you need to take extra measures so as to enhance the security of your script-driven sites.

ModSecurity in Cloud Website Hosting

We provide ModSecurity with all cloud website hosting packages, so your web apps shall be resistant to destructive attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you shall be able to stop it using the respective area of your Hepsia CP. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you will find inside Hepsia are quite detailed and feature info about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so on. We use a set of commercial rules which are regularly updated, but sometimes our administrators add custom rules as well so as to better protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

Any web app you set up in your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall is provided with all our hosting packages and is activated by default for any domain and subdomain which you include or create through your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not only could you activate or deactivate it completely, but you could also activate a passive mode, so the firewall will not stop anything, but it'll still maintain a record of possible attacks. This takes just a mouse click and you will be able to view the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was handled, etc. The firewall employs 2 groups of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one which our admins update personally as to respond to recently discovered threats immediately.

ModSecurity in VPS

Protection is vital to us, so we install ModSecurity on all virtual private servers which are provided with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you will not need to do anything by hand. You shall also be able to disable it or activate the so-called detection mode, so it will maintain a log of potential attacks that you can later analyze, but won't block them. The logs in both passive and active modes offer info about the kind of the attack and how it was eliminated, what IP it originated from and other useful data that could help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. Besides the commercial rules we get for ModSecurity from a third-party security enterprise, we also implement our own rules as occasionally we identify specific attacks which aren't yet present in the commercial pack. This way, we can easily increase the protection of your Virtual private server promptly instead of waiting for an official update.

ModSecurity in Dedicated Hosting

If you choose to host your Internet sites on a dedicated server with the Hepsia CP, your web programs shall be protected right from the start since ModSecurity is provided with all Hepsia-based solutions. You'll be able to regulate the firewall effortlessly and if necessary, you shall be able to turn it off or switch on its passive mode when it'll only keep a log of what is occurring without taking any action to prevent potential attacks. The logs which you will find inside the very same section of the CP are quite detailed and contain details about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etcetera. This info shall permit you to take measures and increase the protection of your Internet sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our administrators include every time they identify attacks which haven't yet been included in the commercial pack.