ModSecurity

: Hosting Definitions; Disk Space; Hepsia Control Panel; Hosted Domains; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Buy Now

ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's employed to prevent attacks against script-driven Internet sites through the use of security rules which contain specific expressions. That way, the firewall can stop hacking and spamming attempts and protect even sites which aren't updated frequently. As an example, several failed login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script will trigger certain rules, so ModSecurity will block out these activities the minute it identifies them. The firewall is very efficient since it tracks the entire HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any harm is done. It furthermore keeps an exceptionally thorough log of all attack attempts that features more information than typical Apache logs, so you could later analyze the data and take further measures to enhance the security of your Internet sites if required.

ModSecurity in Shared Website Hosting

We offer ModSecurity with all shared website hosting plans, so your Internet apps will be protected against destructive attacks. The firewall is switched on as standard for all domains and subdomains, but if you'd like, you'll be able to stop it using the respective section of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you shall discover inside Hepsia are quite detailed and offer data about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so on. We employ a set of commercial rules that are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity by default in all semi-dedicated server packages, so your web applications shall be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will allow you to enable or turn off the firewall for any Internet site with a mouse click. You'll also be able to turn on a passive detection mode through which ModSecurity shall keep a log of potential attacks without really stopping them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack activated, where it came from, and so forth. The list of rules that we use is regularly updated as to match any new risks which could appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones which our administrators add in the event that they find a threat that's not present within the commercial list yet.

ModSecurity in VPS Servers

All VPS servers which are provided with the Hepsia Control Panel come with ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the web server, so there will not be anything special which you will have to do to protect your sites. It shall take you only a click to stop ModSecurity if required or to turn on its passive mode so that it records what occurs without taking any steps to stop intrusions. You'll be able to see the logs created in passive or active mode through the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to handle it, and so on. We use a mixture of commercial and custom rules so as to make certain that ModSecurity shall block out as many threats as possible, therefore boosting the security of your web programs as much as possible.

ModSecurity in Dedicated Servers

If you choose to host your websites on a dedicated server with the Hepsia CP, your web apps shall be protected immediately since ModSecurity is provided with all Hepsia-based packages. You shall be able to control the firewall without difficulty and if required, you will be able to turn it off or enable its passive mode when it shall only keep a log of what is taking place without taking any action to stop possible attacks. The logs that you can find inside the very same section of the Control Panel are very detailed and contain data about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etcetera. This info shall permit you to take measures and enhance the protection of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our staff add every time they identify attacks that have not yet been included in the commercial pack.