ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Bandwidth; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Sign Up

ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's employed to stop attacks against script-driven Internet sites by using security rules which contain specific expressions. That way, the firewall can block hacking and spamming attempts and preserve even websites that aren't updated regularly. For example, multiple unsuccessful login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script shall trigger particular rules, so ModSecurity will block these activities the minute it discovers them. The firewall is extremely efficient because it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It also keeps an incredibly comprehensive log of all attack attempts which includes more info than standard Apache logs, so you could later examine the data and take additional measures to boost the security of your websites if needed.

ModSecurity in Shared Hosting

ModSecurity is supplied with all shared hosting web servers, so if you opt to host your sites with our organization, they shall be protected against a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you will need to do on your end. You will be able to stop ModSecurity for any site if required, or to activate a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You shall be able to view specific logs from your Hepsia CP including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the security of our customers' sites very seriously, we employ a set of commercial rules that we take from one of the top firms that maintain this sort of rules. Our administrators also include custom rules to make sure that your websites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions that we offer include ModSecurity and since the firewall is enabled by default, any Internet site you create under a domain or a subdomain shall be secured right from the start. An independent section in the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to stop and start the firewall for any website or activate a detection mode. With the last option, ModSecurity shall not take any action, but it will still identify possible attacks and shall keep all info in a log as if it were completely active. The logs could be found in the exact same section of the CP and they offer information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules that we employ on our web servers are a mix between commercial ones from a security company and custom ones created by our system admins. As a result, we offer increased security for your web applications as we can defend them from attacks before security companies release updates for completely new threats.

ModSecurity in Dedicated Hosting

If you opt to host your sites on a dedicated server with the Hepsia CP, your web programs shall be protected straight away since ModSecurity is supplied with all Hepsia-based solutions. You'll be able to control the firewall without difficulty and if needed, you'll be able to turn it off or activate its passive mode when it shall only keep a log of what's occurring without taking any action to prevent potential attacks. The logs which you'll find within the very same section of the CP are incredibly detailed and contain details about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, etc. This info shall permit you to take measures and enhance the protection of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our admins add whenever they identify attacks which haven't yet been included within the commercial pack.