ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Hosted Domain Names; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Join us

ModSecurity is a powerful firewall for Apache web servers that is employed to stop attacks towards web apps. It tracks the HTTP traffic to a certain site in real time and blocks any intrusion attempts the instant it detects them. The firewall uses a set of rules to do this - for instance, attempting to log in to a script administrator area unsuccessfully several times sets off one rule, sending a request to execute a certain file that may result in getting access to the Internet site triggers a different rule, and so on. ModSecurity is amongst the best firewalls around and it will protect even scripts which are not updated on a regular basis as it can prevent attackers from employing known exploits and security holes. Incredibly detailed data about every intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the conventional logs created by the Apache server, so you can later take a look at them and decide whether you need to take additional measures so as to boost the protection of your script-driven sites.

: ModSecurity in Web Hosting

We provide ModSecurity with all web hosting packages, so your web apps shall be protected against malicious attacks. The firewall is turned on by default for all domains and subdomains, but in case you would like, you'll be able to stop it via the respective area of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you shall discover within Hepsia are extremely detailed and offer information about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etc. We use a set of commercial rules which are frequently updated, but sometimes our admins add custom rules as well so as to efficiently protect the sites hosted on our machines.; ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting solutions and if you opt to host your websites with us, there won't be anything special you will have to do as the firewall is activated by default for all domains and subdomains you include using your hosting CP. If necessary, you'll be able to disable ModSecurity for a particular website or switch on the so-called detection mode in which case the firewall will still operate and record info, but won't do anything to stop potential attacks against your sites. Detailed logs shall be accessible within your Control Panel and you will be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, etc. We use two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones which our admins occasionally add to respond to newly found risks on time.; ModSecurity in VPS

All virtual private servers that are provided with the Hepsia Control Panel feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the machine, so there shall not be anything special which you'll need to do to protect your websites. It shall take you simply a mouse click to stop ModSecurity if needed or to activate its passive mode so that it records what occurs without taking any measures to prevent intrusions. You shall be able to see the logs generated in active or passive mode through the corresponding section of Hepsia and learn more about the type of the attack, where it came from, what rule the firewall used to handle it, etcetera. We employ a mixture of commercial and custom rules so as to ensure that ModSecurity will prevent as many threats as possible, hence boosting the security of your web apps as much as possible.; ModSecurity in Dedicated Hosting

If you decide to host your sites on a dedicated server with the Hepsia CP, your web programs shall be secured straight away since ModSecurity is available with all Hepsia-based packages. You shall be able to control the firewall with ease and if required, you will be able to turn it off or activate its passive mode when it will only keep a log of what's happening without taking any action to prevent potential attacks. The logs that you'll find in the exact same section of the Control Panel are incredibly detailed and include data about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, and so forth. This information shall enable you to take measures and enhance the protection of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our administrators add when they identify attacks that have not yet been included inside the commercial pack.