ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Bandwidth; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and if it discovers an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the website visitors than any web server does, so you shall manage to keep an eye on what's happening with your sites much better than if you rely only on conventional logs. ModSecurity works with security rules based on which it stops attacks. For example, it identifies if somebody is attempting to log in to the admin area of a given script a number of times or if a request is sent to execute a file with a specific command. In such cases these attempts set off the corresponding rules and the firewall program blocks the attempts right away, then records in-depth information about them within its logs. ModSecurity is amongst the best software firewalls out there and it could easily protect your web applications against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Cloud Web Hosting

ModSecurity comes standard with all cloud web hosting packages that we provide and it will be turned on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and deactivate it with a click or set it to detection mode, so it shall keep a log of all attacks, but it'll not do anything to stop them. The log for each of your Internet sites shall feature elaborate information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules we use are regularly updated and consist of both commercial ones which we get from a third-party security firm and custom ones that our system admins add in the event that they detect a new type of attacks. In this way, the sites that you host here will be far more secure without any action needed on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages that we offer come with ModSecurity and because the firewall is switched on by default, any website that you build under a domain or a subdomain shall be secured right away. An independent section within the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to stop and start the firewall for any Internet site or activate a detection mode. With the latter, ModSecurity shall not take any action, but it'll still detect possible attacks and will keep all data in a log as if it were 100% active. The logs could be found within the very same section of the CP and they offer information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules we use on our servers are a mix between commercial ones from a security company and custom ones created by our system administrators. Therefore, we offer higher security for your web programs as we can protect them from attacks even before security firms release updates for new threats.

ModSecurity in VPS Servers

Security is extremely important to us, so we install ModSecurity on all VPS servers which are provided with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section in Hepsia and is activated automatically when you add a new domain or create a subdomain, so you'll not need to do anything manually. You'll also be able to deactivate it or turn on the so-called detection mode, so it shall keep a log of possible attacks which you can later analyze, but shall not prevent them. The logs in both passive and active modes contain details regarding the form of the attack and how it was eliminated, what IP address it came from and other useful data that may help you to tighten the security of your sites by updating them or blocking IPs, for example. In addition to the commercial rules which we get for ModSecurity from a third-party security firm, we also employ our own rules as from time to time we discover specific attacks that are not yet present inside the commercial pack. This way, we can easily improve the security of your Virtual private server in a timely manner rather than waiting for an official update.

ModSecurity in Dedicated Servers

All our dedicated servers that are installed with the Hepsia hosting CP include ModSecurity, so any app which you upload or set up shall be protected from the very beginning and you won't need to worry about common attacks or vulnerabilities. A separate section in Hepsia will allow you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to stop them. What you will see in the logs can allow you to to secure your Internet sites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, etc. With this data, you'll be able to see if a website needs an update, whether you need to block IPs from accessing your server, and so on. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too when they find a new threat that's not yet in the commercial bundle.