ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and in case it identifies an intrusion attempt, it prevents it. The firewall additionally keeps a more detailed log for the website visitors than any web server does, so you shall be able to keep track of what is happening with your websites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it recognizes if someone is trying to log in to the administrator area of a certain script multiple times or if a request is sent to execute a file with a specific command. In these situations these attempts trigger the corresponding rules and the software hinders the attempts in real time, then records in-depth details about them in its logs. ModSecurity is amongst the best software firewalls available and it can easily protect your web apps against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins often.

: ModSecurity in Web Hosting

ModSecurity is available on all web hosting servers, so if you choose to host your Internet sites with our business, they will be shielded from an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there will be nothing you'll need to do on your end. You shall be able to stop ModSecurity for any site if needed, or to activate a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You will be able to view specific logs using your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. As we take the protection of our clients' sites very seriously, we use a group of commercial rules that we get from one of the leading firms that maintain this sort of rules. Our admins also add custom rules to ensure that your Internet sites will be shielded from as many threats as possible.; ModSecurity in Semi-dedicated Hosting

Any web program which you install inside your new semi-dedicated hosting account will be protected by ModSecurity since the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain which you add or create via your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated area within Hepsia where not simply could you activate or deactivate it completely, but you can also enable a passive mode, so the firewall won't block anything, but it will still keep an archive of possible attacks. This requires just a mouse click and you will be able to look at the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, etcetera. The firewall employs two sets of rules on our servers - a commercial one which we get from a third-party web security company and a custom one that our admins update manually in order to respond to newly discovered threats at the earliest opportunity.; ModSecurity in VPS Hosting

ModSecurity is included with all Hepsia-based virtual private servers which we offer and it'll be turned on automatically for every new domain or subdomain which you include on the machine. In this way, any web app you install shall be secured right away without doing anything manually on your end. The firewall can be handled via the section of the Control Panel which has the same name. This is the location whereyou'll be able to turn off ModSecurity or enable its passive mode, so it won't take any action toward threats, but will still keep a thorough log. The recorded information is available in the same section as well and you'll be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules that we use on our servers are a blend between commercial ones we obtain from a security organization and custom ones which are added by our administrators to enhance the protection of any web apps hosted on our end.; ModSecurity in Dedicated Web Hosting

If you choose to host your websites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected straight away since ModSecurity is provided with all Hepsia-based packages. You will be able to control the firewall with ease and if required, you will be able to turn it off or switch on its passive mode when it will only keep a log of what is occurring without taking any action to prevent potential attacks. The logs that you'll find within the very same section of the CP are quite detailed and contain details about the attacker IP, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This information will permit you to take measures and increase the security of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff include every time they identify attacks that haven't yet been included in the commercial pack.