ModSecurity

: Glossary; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Bandwidth; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and if it detects an intrusion attempt, it blocks it. The firewall also keeps a more comprehensive log for the traffic than any web server does, so you'll be able to monitor what's happening with your sites better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it recognizes whether someone is trying to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a specific command. In such circumstances these attempts trigger the corresponding rules and the firewall program blocks the attempts immediately, and then records in-depth information about them in its logs. ModSecurity is one of the best software firewalls available and it can protect your web applications against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting packages that we supply and it'll be turned on automatically for any domain or subdomain which you add/create within your Hepsia hosting CP. The firewall has three different modes, so you could activate and disable it with just a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it'll not do anything to stop them. The log for each of your sites shall contain detailed info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules we use are constantly updated and incorporate both commercial ones we get from a third-party security firm and custom ones our system administrators include in case that they detect a new type of attacks. This way, the Internet sites you host here shall be far more secure with no action required on your end.

ModSecurity in Dedicated Servers

If you decide to host your websites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected right away because ModSecurity is available with all Hepsia-based solutions. You will be able to manage the firewall with ease and if required, you shall be able to turn it off or switch on its passive mode when it shall only maintain a log of what's going on without taking any action to prevent possible attacks. The logs that you can find within the same section of the Control Panel are extremely detailed and feature information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so on. This info shall allow you to take measures and improve the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins include whenever they identify attacks that have not yet been included in the commercial pack.