ModSecurity

: Definitions; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Get Started

ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and when it detects an intrusion attempt, it prevents it. The firewall also maintains a more thorough log for the site visitors than any server does, so you shall be able to keep an eye on what is going on with your sites a lot better than if you rely simply on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it identifies if somebody is attempting to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a certain command. In such situations these attempts trigger the corresponding rules and the firewall program blocks the attempts immediately, after that records in-depth info about them within its logs. ModSecurity is among the very best software firewalls on the market and it can protect your web applications against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Hosting

ModSecurity is offered with each hosting package which we provide and it is turned on by default for any domain or subdomain which you add through your Hepsia Control Panel. If it disrupts any of your apps or you'd like to disable it for whatever reason, you will be able to achieve that through the ModSecurity section of Hepsia with just a mouse click. You may also activate a passive mode, so the firewall will recognize possible attacks and maintain a log, but will not take any action. You can see detailed logs in the exact same section, including the IP where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etc. For max safety of our clients we use a set of commercial firewall rules mixed with custom ones that are added by our system admins.

ModSecurity in Semi-dedicated Servers

Any web program which you set up within your new semi-dedicated server account will be protected by ModSecurity because the firewall is included with all our hosting packages and is switched on by default for any domain and subdomain which you include or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated section within Hepsia where not only could you activate or deactivate it entirely, but you may also activate a passive mode, so the firewall won't stop anything, but it'll still keep an archive of possible attacks. This normally requires just a click and you shall be able to look at the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was handled, etcetera. The firewall employs two groups of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our administrators update personally as to respond to recently discovered risks as fast as possible.

ModSecurity in VPS Servers

All VPS servers which are offered with the Hepsia Control Panel come with ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the machine, so there won't be anything special which you'll have to do to protect your websites. It will take you only a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what occurs without taking any measures to stop intrusions. You shall be able to see the logs generated in active or passive mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall used to take care of it, and so forth. We employ a combination of commercial and custom rules so as to make certain that ModSecurity shall block as many risks as possible, thus enhancing the security of your web programs as much as possible.

ModSecurity in Dedicated Servers

When you decide to host your Internet sites on a dedicated server with the Hepsia CP, your web apps shall be protected right from the start because ModSecurity is supplied with all Hepsia-based solutions. You shall be able to regulate the firewall easily and if required, you shall be able to turn it off or enable its passive mode when it'll only maintain a log of what is occurring without taking any action to stop potential attacks. The logs which you will find within the exact same section of the CP are incredibly detailed and feature information about the attacker IP address, what website and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so forth. This data will permit you to take measures and boost the security of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff include when they recognize attacks which haven't yet been included in the commercial pack.