ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's used to prevent attacks against script-driven sites through the use of security rules that contain specific expressions. This way, the firewall can stop hacking and spamming attempts and shield even sites which are not updated often. For example, a number of failed login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script will trigger specific rules, so ModSecurity will block out these activities the instant it discovers them. The firewall is extremely efficient as it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It also maintains a very comprehensive log of all attack attempts that contains more info than standard Apache logs, so you can later examine the data and take additional measures to improve the security of your sites if needed.

: ModSecurity in Shared Web Hosting

We offer ModSecurity with all shared web hosting packages, so your web applications will be protected against harmful attacks. The firewall is turned on as standard for all domains and subdomains, but if you would like, you'll be able to stop it via the respective part of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you'll find inside Hepsia are very detailed and offer information about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, and so forth. We employ a range of commercial rules that are often updated, but sometimes our administrators include custom rules as well in order to better protect the websites hosted on our servers.; ModSecurity in Semi-dedicated Servers

We have integrated ModSecurity by default in all semi-dedicated server products, so your web applications will be protected whenever you install them under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts shall permit you to switch on or turn off the firewall for any Internet site with a click. You'll also be able to switch on a passive detection mode through which ModSecurity shall maintain a log of possible attacks without really stopping them. The thorough logs contain the nature of the attack and what ModSecurity response this attack triggered, where it originated from, etcetera. The list of rules that we use is frequently updated as to match any new risks that could appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones that our admins add if they find a threat that's not present inside the commercial list yet.; ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting CP, so your web programs will be secured from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if required, you'll be able to disable it with a click from the corresponding section of Hepsia. You could also set it to operate in detection mode, so it shall maintain a detailed log of any potential attacks without taking any action to prevent them. The logs are available within the exact same section and include info about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For best security, we use not just commercial rules from a company working in the field of web security, but also custom ones which our administrators add manually so as to react to new threats which are still not dealt with in the commercial rules.; ModSecurity in Dedicated Servers

All of our dedicated servers which are installed with the Hepsia hosting CP feature ModSecurity, so any app you upload or install shall be protected from the very beginning and you will not have to bother about common attacks or vulnerabilities. An individual section in Hepsia will permit you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you shall discover in the logs can easily enable you to to secure your sites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this info, you could see if a website needs an update, if you should block IPs from accessing your hosting server, and so forth. Besides the third-party commercial security rules for ModSecurity that we use, our admins include custom ones as well if they come across a new threat that's not yet included in the commercial bundle.