ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order Now

ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's employed to stop attacks toward script-driven websites through the use of security rules that contain specific expressions. That way, the firewall can block hacking and spamming attempts and preserve even sites which aren't updated often. As an example, a number of unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script will trigger particular rules, so ModSecurity shall stop these activities the instant it discovers them. The firewall is extremely efficient because it monitors the whole HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any harm is done. It additionally maintains an incredibly thorough log of all attack attempts which features more info than traditional Apache logs, so you can later examine the data and take further measures to increase the security of your websites if needed.

: ModSecurity in Cloud Web Hosting

We offer ModSecurity with all cloud web hosting solutions, so your web apps will be shielded from harmful attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it via the respective section of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you'll find within Hepsia are extremely detailed and include info about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so forth. We use a group of commercial rules which are frequently updated, but sometimes our admins include custom rules as well in order to better protect the sites hosted on our machines.; ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you choose to host your sites with our company, there shall not be anything special you'll need to do since the firewall is turned on by default for all domains and subdomains which you add via your hosting Control Panel. If necessary, you could disable ModSecurity for a particular website or switch on the so-called detection mode in which case the firewall will still work and record information, but won't do anything to prevent possible attacks on your sites. Comprehensive logs shall be readily available in your CP and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, etcetera. We employ 2 sorts of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones that our admins sometimes add to respond to newly found threats in a timely manner.; ModSecurity in VPS Hosting

ModSecurity comes with all Hepsia-based virtual private servers we offer and it will be turned on automatically for any new domain or subdomain that you include on the hosting server. In this way, any web app you install shall be secured right from the start without doing anything manually on your end. The firewall may be managed via the section of the Control Panel which has the same name. This is the area whereyou can disable ModSecurity or enable its passive mode, so it will not take any action towards threats, but will still keep a thorough log. The recorded information is available in the same area as well and you will be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we use on our servers are a combination between commercial ones we obtain from a security company and custom ones that are included by our staff to improve the protection of any web applications hosted on our end.; ModSecurity in Dedicated Web Hosting

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. Just in case that a web application doesn't work correctly, you can either turn off the firewall or set it to work in passive mode. The second means that ModSecurity will maintain a log of any possible attack which might take place, but will not take any action to prevent it. The logs generated in passive or active mode will give you more details about the exact file that was attacked, the form of the attack and the IP it originated from, etcetera. This information will enable you to decide what steps you can take to boost the safety of your sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated often with a commercial pack from a third-party security firm we work with, but sometimes our admins include their own rules also in case they come across a new potential threat.