ModSecurity

: Terminology; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Join us

ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and in case it detects an intrusion attempt, it blocks it. The firewall also keeps a more detailed log for the website visitors than any web server does, so you shall manage to keep track of what's going on with your sites a lot better than if you rely merely on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies whether anyone is attempting to log in to the admin area of a given script a number of times or if a request is sent to execute a file with a specific command. In such cases these attempts set off the corresponding rules and the software blocks the attempts immediately, and then records comprehensive details about them within its logs. ModSecurity is one of the best software firewalls on the market and it could easily protect your web applications against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Web Hosting

ModSecurity is available on all web hosting servers, so when you opt to host your sites with our organization, they will be protected against a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you shall need to do on your end. You will be able to stop ModSecurity for any website if needed, or to enable a detection mode, so all activity shall be recorded, but the firewall won't take any real action. You'll be able to view comprehensive logs via your Hepsia Control Panel including the IP where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. Since we take the security of our customers' Internet sites very seriously, we use a selection of commercial rules which we take from one of the top firms that maintain such rules. Our admins also add custom rules to ensure that your sites will be protected against as many threats as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you opt to host your websites with our company, there shall not be anything special you will have to do since the firewall is turned on by default for all domains and subdomains you include using your hosting Control Panel. If required, you can disable ModSecurity for a given website or activate the so-called detection mode in which case the firewall shall still work and record data, but will not do anything to prevent potential attacks on your Internet sites. In depth logs shall be readily available inside your Control Panel and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, etcetera. We use two types of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones that our admins sometimes add to respond to newly identified risks in a timely manner.

ModSecurity in VPS Servers

All VPS servers which are offered with the Hepsia Control Panel come with ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the server, so there shall not be anything special that you shall have to do to protect your sites. It'll take you just a click to stop ModSecurity if necessary or to switch on its passive mode so that it records what occurs without taking any steps to stop intrusions. You'll be able to view the logs generated in passive or active mode via the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall employed to take care of it, etc. We use a combination of commercial and custom rules so as to ensure that ModSecurity will prevent as many risks as possible, hence boosting the security of your web programs as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the web server. In the event that a web application does not operate correctly, you may either turn off the firewall or set it to function in passive mode. The latter means that ModSecurity shall maintain a log of any possible attack which could take place, but shall not take any action to stop it. The logs generated in passive or active mode shall give you more details about the exact file that was attacked, the form of the attack and the IP address it came from, etcetera. This data will enable you to decide what steps you can take to increase the safety of your websites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated constantly with a commercial pack from a third-party security enterprise we work with, but oftentimes our staff add their own rules as well when they find a new potential threat.