ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Bandwidth; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Sign Up

ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is used to stop attacks against script-driven websites by employing security rules that contain particular expressions. This way, the firewall can stop hacking and spamming attempts and shield even Internet sites that are not updated frequently. As an example, a number of failed login attempts to a script admin area or attempts to execute a particular file with the objective to get access to the script will trigger certain rules, so ModSecurity shall block out these activities the second it discovers them. The firewall is very efficient since it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any damage is done. It additionally keeps a very comprehensive log of all attack attempts that contains more information than traditional Apache logs, so you could later analyze the data and take additional measures to enhance the security of your Internet sites if necessary.

ModSecurity in Cloud Website Hosting

ModSecurity is supplied with all cloud website hosting machines, so when you opt to host your sites with our business, they shall be shielded from a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you'll need to do on your end. You will be able to stop ModSecurity for any site if needed, or to enable a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You'll be able to view specific logs from your Hepsia CP including the IP address where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the security of our clients' sites seriously, we use a group of commercial rules that we take from one of the best companies which maintain such rules. Our admins also add custom rules to make certain that your sites will be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Hosting

We have integrated ModSecurity by default within all semi-dedicated hosting packages, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts shall permit you to switch on or disable the firewall for any website with a click. You'll also be able to switch on a passive detection mode with which ModSecurity shall maintain a log of potential attacks without actually stopping them. The detailed logs contain the nature of the attack and what ModSecurity response this attack initiated, where it came from, and so forth. The list of rules we employ is constantly updated as to match any new risks which may appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones that our administrators add in the event that they discover a threat that is not present within the commercial list yet.

ModSecurity in VPS Hosting

ModSecurity is included with all Hepsia-based virtual private servers we offer and it'll be activated automatically for any new domain or subdomain you add on the hosting server. That way, any web app that you install shall be secured right away without doing anything personally on your end. The firewall can be handled from the section of the CP that has the same name. This is the location in whichyou'll be able to turn off ModSecurity or let its passive mode, so it won't take any action towards threats, but will still maintain a thorough log. The recorded data is available inside the same area as well and you will be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we use on our servers are a combination between commercial ones which we get from a security firm and custom ones that are added by our admins to enhance the protection of any web apps hosted on our end.

ModSecurity in Dedicated Web Hosting

All our dedicated servers that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any program that you upload or install shall be protected from the very beginning and you won't have to bother about common attacks or vulnerabilities. An individual section within Hepsia will permit you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you'll find in the logs can enable you to to secure your sites better - the IP an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so forth. With this data, you'll be able to see if an Internet site needs an update, whether you need to block IPs from accessing your server, etcetera. Aside from the third-party commercial security rules for ModSecurity we use, our administrators add custom ones as well every time they discover a new threat that is not yet included in the commercial bundle.