ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a powerful firewall for Apache web servers which is employed to stop attacks toward web applications. It keeps track of the HTTP traffic to a given Internet site in real time and stops any intrusion attempts as soon as it detects them. The firewall uses a set of rules to accomplish that - for instance, trying to log in to a script administrator area without success several times sets off one rule, sending a request to execute a particular file that may result in accessing the site triggers another rule, and so forth. ModSecurity is among the best firewalls available on the market and it'll secure even scripts which are not updated frequently as it can prevent attackers from employing known exploits and security holes. Incredibly thorough info about each intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the regular logs generated by the Apache server, so you could later examine them and determine if you need to take extra measures in order to improve the security of your script-driven websites.

ModSecurity in Shared Hosting

ModSecurity is available with each and every shared hosting package which we offer and it's activated by default for any domain or subdomain that you include through your Hepsia Control Panel. In case it disrupts any of your programs or you would like to disable it for whatever reason, you will be able to accomplish that through the ModSecurity area of Hepsia with merely a click. You may also activate a passive mode, so the firewall will recognize potential attacks and keep a log, but will not take any action. You'll be able to view comprehensive logs in the very same section, including the IP address where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so forth. For optimum safety of our customers we use a group of commercial firewall rules mixed with custom ones which are provided by our system admins.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages which we offer come with ModSecurity and since the firewall is turned on by default, any site you set up under a domain or a subdomain shall be protected right from the start. A separate section within the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will allow you to stop and start the firewall for any Internet site or enable a detection mode. With the last mentioned, ModSecurity will not take any action, but it shall still identify possible attacks and shall keep all information inside a log as if it were 100% active. The logs could be found inside the same section of the Control Panel and they offer details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etcetera. The security rules we employ on our web servers are a mix between commercial ones from a security business and custom ones created by our system admins. For that reason, we provide increased security for your web applications as we can shield them from attacks even before security firms release updates for brand new threats.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting CP, so your web applications shall be secured from the second your server is in a position. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if needed, you can deactivate it with a click of your mouse from the corresponding section of Hepsia. You can also set it to operate in detection mode, so it shall maintain a comprehensive log of any potential attacks without taking any action to stop them. The logs are available inside the same section and offer information regarding the nature of the attack, what IP it originated from and what ModSecurity rule was initiated to stop it. For best security, we use not just commercial rules from a business working in the field of web security, but also custom ones our admins add manually so as to respond to new risks that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers Hosting

When you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected straight away as ModSecurity is supplied with all Hepsia-based solutions. You'll be able to control the firewall effortlessly and if necessary, you shall be able to turn it off or switch on its passive mode when it'll only maintain a log of what is happening without taking any action to stop potential attacks. The logs that you'll find inside the exact same section of the Control Panel are quite detailed and feature information about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so on. This info shall enable you to take measures and enhance the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our staff add every time they detect attacks which have not yet been included within the commercial pack.