ModSecurity

: Hosting Definitions; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and if it discovers an intrusion attempt, it blocks it. The firewall additionally keeps a more detailed log for the site visitors than any web server does, so you'll be able to keep track of what is going on with your websites a lot better than if you rely merely on standard logs. ModSecurity employs security rules based on which it prevents attacks. For example, it identifies whether someone is trying to log in to the administrator area of a given script multiple times or if a request is sent to execute a file with a specific command. In such circumstances these attempts set off the corresponding rules and the firewall program blocks the attempts immediately, then records detailed details about them inside its logs. ModSecurity is among the very best software firewalls out there and it could easily protect your web applications against many threats and vulnerabilities, especially in case you don’t update them or their plugins often.

ModSecurity in Cloud Hosting

ModSecurity is available on all cloud hosting machines, so if you decide to host your sites with our company, they'll be resistant to a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any website if required, or to activate a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view comprehensive logs through your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity dealt with the threat. Since we take the protection of our customers' Internet sites seriously, we employ a set of commercial rules which we take from one of the best companies which maintain such rules. Our admins also include custom rules to make sure that your websites shall be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting solutions and if you decide to host your websites with us, there will not be anything special you'll need to do given that the firewall is activated by default for all domains and subdomains you add via your hosting CP. If needed, you could disable ModSecurity for a given Internet site or turn on the so-called detection mode in which case the firewall will still function and record info, but will not do anything to stop possible attacks on your sites. In depth logs shall be readily available in your Control Panel and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etcetera. We use 2 sorts of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom made ones which our administrators sometimes add to respond to newly found threats promptly.

ModSecurity in VPS Web Hosting

ModSecurity is included with all Hepsia-based virtual private servers that we offer and it will be switched on automatically for any new domain or subdomain which you include on the machine. That way, any web application you install will be protected immediately without doing anything manually on your end. The firewall could be managed from the section of the CP which bears the same name. This is the area whereyou could turn off ModSecurity or let its passive mode, so it will not take any action against threats, but shall still keep a comprehensive log. The recorded information is available in the same section as well and you will be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we employ on our servers are a mix between commercial ones that we get from a security company and custom ones which are included by our staff to improve the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you'll not have to do anything specific on your end to employ it since it is switched on by default whenever you include a new domain or subdomain on your hosting server. In case it disrupts any of your applications, you will be able to stop it through the respective area of Hepsia, or you may leave it working in passive mode, so it will recognize attacks and will still keep a log for them, but will not block them. You may examine the logs later to find out what you can do to enhance the protection of your Internet sites since you will find info such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity reacted, etc. The rules we use are commercial, therefore they are constantly updated by a security provider, but to be on the safe side, our admins also add custom rules from time to time in order to respond to any new threats they have identified.