ModSecurity

: Terminology; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is an effective firewall for Apache web servers that is used to prevent attacks toward web applications. It tracks the HTTP traffic to a given site in real time and blocks any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to accomplish that - for instance, attempting to log in to a script administrator area unsuccessfully many times triggers one rule, sending a request to execute a certain file which could result in gaining access to the site triggers a different rule, and so on. ModSecurity is one of the best firewalls available and it will protect even scripts that are not updated often as it can prevent attackers from employing known exploits and security holes. Incredibly thorough data about every single intrusion attempt is recorded and the logs the firewall maintains are a lot more specific than the regular logs provided by the Apache server, so you could later examine them and decide whether you need to take extra measures in order to boost the security of your script-driven sites.

ModSecurity in Web Hosting

ModSecurity is available with every web hosting solution which we offer and it's turned on by default for any domain or subdomain which you add through your Hepsia CP. In case it interferes with any of your programs or you'd like to disable it for whatever reason, you shall be able to achieve that through the ModSecurity area of Hepsia with just a mouse click. You can also activate a passive mode, so the firewall will discover possible attacks and maintain a log, but shall not take any action. You'll be able to view comprehensive logs in the very same section, including the IP where the attack came from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so forth. For max safety of our clients we use a set of commercial firewall rules combined with custom ones that are included by our system admins.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages which we offer feature ModSecurity and since the firewall is enabled by default, any Internet site which you create under a domain or a subdomain shall be secured immediately. An individual section within the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to start and stop the firewall for any website or switch on a detection mode. With the last mentioned, ModSecurity won't take any action, but it shall still recognize possible attacks and shall keep all data within a log as if it were 100% active. The logs could be found within the exact same section of the Control Panel and they include info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules we use on our web servers are a mix between commercial ones from a security firm and custom ones made by our system admins. As a result, we provide higher security for your web apps as we can defend them from attacks even before security corporations release updates for new threats.

ModSecurity in VPS Servers

Safety is very important to us, so we set up ModSecurity on all VPS servers which are set up with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section inside Hepsia and is activated automatically when you add a new domain or create a subdomain, so you won't have to do anything manually. You'll also be able to deactivate it or activate the so-called detection mode, so it shall maintain a log of potential attacks you can later study, but will not prevent them. The logs in both passive and active modes contain info regarding the kind of the attack and how it was prevented, what IP address it came from and other valuable information which may help you to tighten the security of your sites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security firm, we also implement our own rules as once in a while we discover specific attacks which are not yet present within the commercial group. That way, we can easily improve the security of your VPS promptly instead of waiting for a certified update.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia CP and you will not have to do anything specific on your end to use it because it's activated by default every time you include a new domain or subdomain on your hosting server. If it disrupts some of your apps, you'll be able to stop it via the respective area of Hepsia, or you may leave it in passive mode, so it shall identify attacks and shall still keep a log for them, but will not prevent them. You could examine the logs later to learn what you can do to increase the protection of your Internet sites since you'll find information such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules we employ are commercial, thus they're frequently updated by a security firm, but to be on the safe side, our admins also include custom rules occasionally as to react to any new threats they have discovered.