ModSecurity

: Glossary; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Bandwidth; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is an effective firewall for Apache web servers that is employed to prevent attacks against web applications. It monitors the HTTP traffic to a specific site in real time and blocks any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to do that - as an illustration, trying to log in to a script admin area without success many times activates one rule, sending a request to execute a certain file that may result in accessing the Internet site triggers another rule, and so forth. ModSecurity is among the best firewalls on the market and it will secure even scripts which are not updated on a regular basis because it can prevent attackers from employing known exploits and security holes. Quite comprehensive information about each and every intrusion attempt is recorded and the logs the firewall keeps are considerably more comprehensive than the standard logs provided by the Apache server, so you may later take a look at them and determine whether you need to take more measures in order to improve the security of your script-driven sites.

ModSecurity in Web Hosting

ModSecurity is offered with every web hosting package which we provide and it is activated by default for any domain or subdomain that you add via your Hepsia Control Panel. In case it interferes with any of your apps or you'd like to disable it for some reason, you will be able to do this through the ModSecurity area of Hepsia with merely a click. You can also use a passive mode, so the firewall will recognize possible attacks and maintain a log, but shall not take any action. You could view extensive logs in the very same section, including the IP where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, and so forth. For optimum protection of our clients we use a set of commercial firewall rules mixed with custom ones that are added by our system administrators.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you choose to host your websites with our company, there won't be anything special you'll need to do given that the firewall is switched on by default for all domains and subdomains which you add via your hosting CP. If needed, you can disable ModSecurity for a certain website or enable the so-called detection mode in which case the firewall will still function and record info, but shall not do anything to stop possible attacks on your sites. In depth logs will be accessible inside your CP and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etcetera. We employ 2 types of rules on our servers - commercial ones from a company which operates in the field of web security, and custom made ones that our admins occasionally add to respond to newly identified threats on time.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting CP, so your web applications shall be protected from the moment your server is ready. The firewall is activated by default for any domain or subdomain on the VPS, but if needed, you can deactivate it with a click through the corresponding section of Hepsia. You can also set it to work in detection mode, so it'll keep a detailed log of any potential attacks without taking any action to prevent them. The logs are available within the exact same section and offer information about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For optimum security, we use not only commercial rules from a company operating in the field of web security, but also custom ones our administrators add personally so as to react to new threats that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers

All our dedicated servers which are installed with the Hepsia hosting CP feature ModSecurity, so any app that you upload or set up shall be properly secured from the very beginning and you will not have to stress about common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to stop them. What you shall discover in the logs can enable you to to secure your sites better - the IP an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this information, you'll be able to see if a site needs an update, if you should block IPs from accessing your hosting server, and so forth. Besides the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too whenever they come across a new threat which is not yet included in the commercial bundle.