ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Purchase

ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's used to stop attacks against script-driven websites by employing security rules which contain particular expressions. In this way, the firewall can block hacking and spamming attempts and preserve even Internet sites that are not updated frequently. As an example, numerous unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script will trigger certain rules, so ModSecurity shall block out these activities the second it detects them. The firewall is incredibly efficient since it monitors the whole HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It additionally maintains an incredibly detailed log of all attack attempts that features more information than standard Apache logs, so you could later check out the data and take further measures to enhance the security of your websites if needed.

ModSecurity in Cloud Hosting

ModSecurity is available on all cloud hosting servers, so when you choose to host your websites with our firm, they shall be shielded from a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you shall need to do on your end. You shall be able to stop ModSecurity for any site if required, or to switch on a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view detailed logs through your Hepsia Control Panel including the IP where the attack came from, what the attacker wished to do and how ModSecurity handled the threat. Since we take the safety of our customers' websites very seriously, we employ a set of commercial rules that we take from one of the leading companies that maintain this type of rules. Our admins also add custom rules to make certain that your sites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you decide to host your sites with our company, there shall not be anything special you'll have to do since the firewall is switched on by default for all domains and subdomains which you include via your hosting CP. If required, you could disable ModSecurity for a certain site or activate the so-called detection mode in which case the firewall shall still operate and record information, but won't do anything to prevent possible attacks against your Internet sites. In depth logs shall be accessible in your CP and you shall be able to see what sort of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so on. We use two types of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones which our admins sometimes include to respond to newly found risks promptly.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are offered with the Hepsia hosting Control Panel, so your web programs will be protected from the instant your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you'll be able to deactivate it with a click via the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll maintain a comprehensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the same section and provide details about the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For best security, we use not just commercial rules from a firm operating in the field of web security, but also custom ones that our admins include personally in order to react to new threats which are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers

When you decide to host your Internet sites on a dedicated server with the Hepsia CP, your web applications will be secured immediately since ModSecurity is provided with all Hepsia-based solutions. You will be able to manage the firewall without difficulty and if required, you will be able to turn it off or switch on its passive mode when it shall only keep a log of what is going on without taking any action to prevent potential attacks. The logs that you can find inside the same section of the CP are very detailed and feature details about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so on. This data will enable you to take measures and boost the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff include whenever they detect attacks which haven't yet been included within the commercial pack.