ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Get Started

ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is used to prevent attacks against script-driven sites by employing security rules that contain certain expressions. In this way, the firewall can block hacking and spamming attempts and protect even Internet sites which are not updated on a regular basis. As an example, multiple unsuccessful login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script shall trigger certain rules, so ModSecurity will block out these activities the instant it identifies them. The firewall is extremely efficient as it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any damage is done. It additionally maintains an exceptionally comprehensive log of all attack attempts which contains more info than traditional Apache logs, so you can later examine the data and take additional measures to enhance the security of your websites if needed.

ModSecurity in Hosting

ModSecurity is supplied with all hosting machines, so if you choose to host your sites with our business, they will be resistant to a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any site if needed, or to activate a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You will be able to view specific logs through your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the protection of our customers' websites very seriously, we use a group of commercial rules that we get from one of the top firms that maintain this sort of rules. Our administrators also include custom rules to make sure that your websites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Servers

Any web application that you install within your new semi-dedicated server account will be protected by ModSecurity as the firewall comes with all our hosting solutions and is switched on by default for any domain and subdomain which you include or create through your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not only can you activate or deactivate it fully, but you can also switch on a passive mode, so the firewall won't block anything, but it will still maintain a record of possible attacks. This requires just a click and you will be able to see the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, etc. The firewall uses 2 sets of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one that our admins update manually in order to respond to recently discovered threats as fast as possible.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers that we offer and it will be activated automatically for every new domain or subdomain which you include on the server. This way, any web app which you install will be protected from the very beginning without doing anything by hand on your end. The firewall could be managed via the section of the Control Panel which has the same name. This is the location whereyou could disable ModSecurity or enable its passive mode, so it shall not take any action toward threats, but shall still keep a detailed log. The recorded data is available within the same area as well and you'll be able to see what IPs any attacks came from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules that we use on our servers are a combination between commercial ones which we obtain from a security firm and custom ones that are added by our admins to improve the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers that are set up with our Hepsia CP and you won't need to do anything specific on your end to employ it because it is turned on by default whenever you include a new domain or subdomain on your server. If it interferes with some of your programs, you'll be able to stop it via the respective section of Hepsia, or you could leave it in passive mode, so it will detect attacks and will still keep a log for them, but shall not stop them. You may analyze the logs later to learn what you can do to increase the safety of your websites as you will find info such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity reacted, and so on. The rules which we employ are commercial, hence they are constantly updated by a security provider, but to be on the safe side, our administrators also include custom rules occasionally as to respond to any new threats they have found.