ModSecurity

: Glossary; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order Now

ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and when it discovers an intrusion attempt, it prevents it. The firewall furthermore keeps a more comprehensive log for the website visitors than any web server does, so you shall manage to keep an eye on what is going on with your Internet sites much better than if you rely only on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it detects whether anyone is trying to log in to the administration area of a certain script multiple times or if a request is sent to execute a file with a specific command. In these cases these attempts set off the corresponding rules and the firewall program hinders the attempts right away, after that records in-depth details about them within its logs. ModSecurity is amongst the best software firewalls on the market and it could easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

: ModSecurity in Website Hosting

ModSecurity is available on all website hosting web servers, so when you opt to host your Internet sites with our organization, they will be shielded from a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you will have to do on your end. You shall be able to stop ModSecurity for any website if necessary, or to enable a detection mode, so all activity will be recorded, but the firewall will not take any real action. You will be able to view comprehensive logs via your Hepsia CP including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity addressed the threat. Since we take the security of our customers' Internet sites seriously, we employ a set of commercial rules which we get from one of the top firms that maintain this type of rules. Our administrators also add custom rules to make certain that your websites shall be resistant to as many threats as possible.; ModSecurity in Semi-dedicated Hosting

Any web program that you set up within your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall comes with all our hosting plans and is activated by default for any domain and subdomain that you include or create using your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated area inside Hepsia where not simply can you activate or deactivate it completely, but you can also enable a passive mode, so the firewall will not stop anything, but it will still keep an archive of possible attacks. This requires only a click and you shall be able to look at the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, and so forth. The firewall uses two sets of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one that our administrators update personally in order to respond to newly discovered risks immediately.; ModSecurity in VPS Hosting

ModSecurity is included with all Hepsia-based virtual private servers we offer and it shall be switched on automatically for every new domain or subdomain which you include on the machine. This way, any web app which you install will be protected right away without doing anything by hand on your end. The firewall can be handled via the section of the CP which bears the same name. This is the place whereyou'll be able to switch off ModSecurity or let its passive mode, so it won't take any action towards threats, but shall still maintain a thorough log. The recorded data is available within the same area as well and you shall be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules we use on our servers are a combination between commercial ones we obtain from a security organization and custom ones that are included by our admins to improve the protection of any web apps hosted on our end.; ModSecurity in Dedicated Web Hosting

All of our dedicated servers that are set up with the Hepsia hosting Control Panel include ModSecurity, so any program you upload or set up will be properly secured from the very beginning and you'll not need to concern yourself with common attacks or vulnerabilities. A separate section within Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records info about intrusions, but doesn't take actions to stop them. What you will find in the logs shall allow you to to secure your Internet sites better - the IP an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, etc. With this information, you could see if a site needs an update, if you need to block IPs from accessing your server, etc. On top of the third-party commercial security rules for ModSecurity that we use, our admins include custom ones as well whenever they come across a new threat that's not yet included in the commercial bundle.