ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Hosted Domain Names; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Purchase

ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's employed to prevent attacks against script-driven sites by employing security rules which contain specific expressions. In this way, the firewall can block hacking and spamming attempts and protect even Internet sites that aren't updated frequently. For instance, numerous failed login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script will trigger particular rules, so ModSecurity will block these activities the minute it discovers them. The firewall is quite efficient because it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore maintains a very detailed log of all attack attempts which contains more info than traditional Apache logs, so you can later examine the data and take further measures to enhance the security of your sites if required.

ModSecurity in Website Hosting

ModSecurity is supplied with all website hosting servers, so if you decide to host your Internet sites with our business, they will be protected against a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you'll need to do on your end. You will be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so all activity shall be recorded, but the firewall won't take any real action. You'll be able to view specific logs via your Hepsia CP including the IP where the attack originated from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the protection of our clients' Internet sites seriously, we use a set of commercial rules that we take from one of the best companies that maintain this kind of rules. Our admins also add custom rules to make sure that your websites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer include ModSecurity and because the firewall is switched on by default, any Internet site which you create under a domain or a subdomain will be secured immediately. An independent section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to stop and start the firewall for any Internet site or activate a detection mode. With the latter, ModSecurity shall not take any action, but it will still recognize possible attacks and shall keep all information inside a log as if it were fully active. The logs can be found in the same section of the CP and they feature information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules we employ on our servers are a mix between commercial ones from a security business and custom ones developed by our system administrators. As a result, we offer greater security for your web apps as we can shield them from attacks even before security corporations release updates for brand new threats.

ModSecurity in VPS Web Hosting

ModSecurity is included with all Hepsia-based virtual private servers we offer and it will be activated automatically for any new domain or subdomain which you include on the web server. This way, any web app which you install shall be protected right away without doing anything by hand on your end. The firewall may be handled via the section of the Control Panel which bears the same name. This is the place whereyou could turn off ModSecurity or enable its passive mode, so it shall not take any action towards threats, but shall still maintain a comprehensive log. The recorded info is available within the same area as well and you'll be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we employ on our servers are a blend between commercial ones we get from a security firm and custom ones that are included by our admins to improve the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers that are set up with our Hepsia Control Panel and you'll not have to do anything specific on your end to use it as it is activated by default whenever you add a new domain or subdomain on your web server. In case it interferes with some of your applications, you will be able to stop it via the respective section of Hepsia, or you could leave it working in passive mode, so it'll recognize attacks and shall still keep a log for them, but shall not stop them. You may examine the logs later to determine what you can do to boost the protection of your Internet sites since you will find info such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity reacted, etc. The rules which we employ are commercial, therefore they're constantly updated by a security provider, but to be on the safe side, our staff also include custom rules from time to time in order to react to any new threats they have discovered.