ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order Now

ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and if it identifies an intrusion attempt, it prevents it. The firewall also maintains a more detailed log for the site visitors than any web server does, so you will manage to keep an eye on what's happening with your websites better than if you rely only on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it recognizes whether someone is trying to log in to the administration area of a given script a number of times or if a request is sent to execute a file with a specific command. In such cases these attempts trigger the corresponding rules and the software hinders the attempts right away, after that records detailed information about them in its logs. ModSecurity is one of the best software firewalls out there and it could easily protect your web applications against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity is supplied with all cloud hosting servers, so if you decide to host your sites with our firm, they will be protected against an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any website if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You will be able to view specific logs from your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the protection of our customers' websites very seriously, we employ a collection of commercial rules that we get from one of the leading companies that maintain this kind of rules. Our administrators also add custom rules to ensure that your sites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

Any web program which you install within your new semi-dedicated server account shall be protected by ModSecurity since the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain that you include or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity via a dedicated section within Hepsia where not only can you activate or deactivate it entirely, but you can also switch on a passive mode, so the firewall won't stop anything, but it will still maintain an archive of potential attacks. This normally requires simply a mouse click and you'll be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was handled, etc. The firewall uses two sets of rules on our machines - a commercial one which we get from a third-party web security company and a custom one that our administrators update manually in order to respond to recently discovered threats at the earliest opportunity.

ModSecurity in VPS Servers

Safety is of the utmost importance to us, so we install ModSecurity on all VPS servers that are made available with the Hepsia CP as a standard. The firewall could be managed via a dedicated section within Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you won't have to do anything personally. You shall also be able to disable it or switch on the so-called detection mode, so it'll maintain a log of possible attacks you can later examine, but will not stop them. The logs in both passive and active modes include information about the type of the attack and how it was stopped, what IP it came from and other important info that could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. On top of the commercial rules that we get for ModSecurity from a third-party security company, we also implement our own rules as once in a while we detect specific attacks that are not yet present within the commercial group. This way, we can improve the protection of your VPS immediately instead of awaiting a certified update.

ModSecurity in Dedicated Servers

All of our dedicated servers which are installed with the Hepsia hosting CP include ModSecurity, so any app that you upload or install shall be secured from the very beginning and you won't have to stress about common attacks or vulnerabilities. An individual section in Hepsia will enable you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records details about intrusions, but does not take actions to stop them. What you'll see in the logs can help you to secure your websites better - the IP an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, etc. With this data, you'll be able to see whether a site needs an update, if you ought to block IPs from accessing your hosting server, etcetera. On top of the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well when they find a new threat that is not yet a part of the commercial bundle.