ModSecurity

: Terminology; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Join us

ModSecurity is a powerful firewall for Apache web servers that's used to stop attacks toward web applications. It keeps track of the HTTP traffic to a particular Internet site in real time and stops any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to accomplish that - for example, attempting to log in to a script admin area without success many times triggers one rule, sending a request to execute a particular file which could result in gaining access to the Internet site triggers another rule, and so forth. ModSecurity is among the best firewalls on the market and it will secure even scripts that are not updated on a regular basis since it can prevent attackers from using known exploits and security holes. Incredibly comprehensive data about each and every intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the regular logs provided by the Apache server, so you could later analyze them and determine if you need to take more measures so as to improve the security of your script-driven websites.

ModSecurity in Shared Website Hosting

ModSecurity can be found with every single shared website hosting plan which we provide and it's turned on by default for every domain or subdomain which you add through your Hepsia CP. If it interferes with any of your apps or you'd like to disable it for any reason, you'll be able to do this through the ModSecurity section of Hepsia with just a mouse click. You can also enable a passive mode, so the firewall will detect possible attacks and keep a log, but shall not take any action. You could see detailed logs in the very same section, including the IP where the attack originated from, exactly what the attacker aimed to do and at what time, what ModSecurity did, etc. For optimum security of our clients we use a collection of commercial firewall rules combined with custom ones that are provided by our system admins.

ModSecurity in Semi-dedicated Servers

Any web application you install within your new semi-dedicated server account will be protected by ModSecurity because the firewall is included with all our hosting solutions and is switched on by default for any domain and subdomain that you include or create via your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated section inside Hepsia where not simply could you activate or deactivate it completely, but you could also activate a passive mode, so the firewall won't stop anything, but it will still maintain a record of possible attacks. This normally requires just a mouse click and you'll be able to see the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was taken care of, etcetera. The firewall uses 2 sets of rules on our web servers - a commercial one that we get from a third-party web security company and a custom one which our admins update personally as to respond to recently discovered threats as soon as possible.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting CP, so your web apps shall be protected from the second your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if required, you can deactivate it with a mouse click from the corresponding section of Hepsia. You may also set it to operate in detection mode, so it shall maintain a detailed log of any potential attacks without taking any action to stop them. The logs can be found inside the exact same section and offer info about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For optimum security, we employ not simply commercial rules from a company working in the field of web security, but also custom ones that our admins include personally so as to react to new risks which are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers which are set up with our Hepsia Control Panel and you will not need to do anything specific on your end to use it as it's enabled by default each time you include a new domain or subdomain on your server. In the event that it disrupts any of your apps, you will be able to stop it via the respective part of Hepsia, or you could leave it operating in passive mode, so it will identify attacks and shall still keep a log for them, but will not prevent them. You'll be able to analyze the logs later to determine what you can do to boost the protection of your websites as you shall find details such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity reacted, etcetera. The rules that we use are commercial, hence they are regularly updated by a security company, but to be on the safe side, our staff also include custom rules occasionally in order to react to any new threats they have identified.