ModSecurity

: Definitions; Disk Space; Hepsia Control Panel; Hosted Domain Names; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Join us

ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and when it detects an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the site visitors than any server does, so you shall manage to monitor what is going on with your websites a lot better than if you rely merely on standard logs. ModSecurity works with security rules based on which it stops attacks. For instance, it identifies if anyone is trying to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a particular command. In these circumstances these attempts set off the corresponding rules and the firewall software hinders the attempts instantly, and then records in-depth info about them inside its logs. ModSecurity is one of the best software firewalls on the market and it can protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

: ModSecurity in Cloud Web Hosting

We offer ModSecurity with all cloud web hosting plans, so your web apps will be shielded from destructive attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you shall be able to stop it using the respective part of your Hepsia CP. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you will find in Hepsia are incredibly detailed and offer info about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, and so forth. We employ a group of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well so as to efficiently protect the sites hosted on our machines.; ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting plans and if you choose to host your sites with us, there won't be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains that you include using your hosting CP. If needed, you could disable ModSecurity for a certain website or activate the so-called detection mode in which case the firewall will still work and record information, but shall not do anything to prevent potential attacks on your Internet sites. In depth logs will be available in your Control Panel and you will be able to see what type of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, and so forth. We use 2 kinds of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom made ones that our admins often include to respond to newly identified threats in a timely manner.; ModSecurity in VPS

ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it will be activated automatically for any new domain or subdomain that you add on the server. That way, any web app you install shall be secured right from the start without doing anything personally on your end. The firewall can be managed via the section of the Control Panel which has the same name. This is the place in whichyou could turn off ModSecurity or let its passive mode, so it shall not take any action towards threats, but will still keep a comprehensive log. The recorded data is available within the same section as well and you'll be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules we employ on our servers are a mixture between commercial ones which we obtain from a security company and custom ones that are included by our administrators to optimize the security of any web apps hosted on our end.; ModSecurity in Dedicated Hosting

ModSecurity is included with all dedicated servers which are set up with our Hepsia CP and you won't have to do anything specific on your end to use it because it is activated by default whenever you include a new domain or subdomain on your server. If it disrupts some of your programs, you'll be able to stop it through the respective area of Hepsia, or you can leave it in passive mode, so it will recognize attacks and will still maintain a log for them, but won't block them. You could analyze the logs later to determine what you can do to boost the security of your Internet sites as you will find information such as where an intrusion attempt came from, what Internet site was attacked and based upon what rule ModSecurity responded, and so forth. The rules that we use are commercial, hence they are frequently updated by a security firm, but to be on the safe side, our administrators also include custom rules from time to time as to respond to any new threats they have identified.