ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Hosted Domain Names; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Sign Up

ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is employed to stop attacks towards script-driven Internet sites through the use of security rules that contain particular expressions. This way, the firewall can block hacking and spamming attempts and protect even websites that aren't updated on a regular basis. For instance, a number of failed login attempts to a script admin area or attempts to execute a particular file with the purpose to get access to the script will trigger certain rules, so ModSecurity will block these activities the minute it discovers them. The firewall is incredibly efficient because it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any damage is done. It additionally keeps an incredibly thorough log of all attack attempts which contains more info than standard Apache logs, so you can later examine the data and take extra measures to increase the security of your Internet sites if needed.

: ModSecurity in Shared Hosting

ModSecurity comes by default with all shared hosting solutions which we provide and it'll be turned on automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can switch on and disable it with simply a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to stop them. The log for each of your sites shall feature comprehensive info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules which we use are constantly updated and consist of both commercial ones that we get from a third-party security business and custom ones our system administrators add in the event that they detect a new kind of attacks. In this way, the Internet sites that you host here will be far more secure without any action needed on your end.; ModSecurity in Semi-dedicated Servers

Any web program you set up within your new semi-dedicated server account will be protected by ModSecurity as the firewall is included with all our hosting plans and is turned on by default for any domain and subdomain which you include or create using your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section in Hepsia where not only could you activate or deactivate it entirely, but you may also activate a passive mode, so the firewall won't stop anything, but it will still keep an archive of potential attacks. This requires just a mouse click and you shall be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, and so on. The firewall employs two groups of rules on our servers - a commercial one that we get from a third-party web security company and a custom one which our administrators update personally as to respond to newly discovered threats at the earliest opportunity.; ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting Control Panel, so your web programs shall be secured from the second your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you could disable it with a click from the corresponding section of Hepsia. You could also set it to function in detection mode, so it will maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs are available inside the exact same section and offer info about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For best security, we use not simply commercial rules from a company working in the field of web security, but also custom ones which our administrators add personally so as to react to new risks which are still not dealt with in the commercial rules.; ModSecurity in Dedicated Servers

When you choose to host your websites on a dedicated server with the Hepsia Control Panel, your web apps shall be protected immediately as ModSecurity is available with all Hepsia-based plans. You will be able to control the firewall without difficulty and if required, you'll be able to turn it off or activate its passive mode when it shall only keep a log of what is taking place without taking any action to prevent potential attacks. The logs which you can find inside the same section of the CP are incredibly detailed and include details about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, etcetera. This info will enable you to take measures and boost the protection of your Internet sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our staff include when they identify attacks which have not yet been included inside the commercial pack.