ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to stop attacks toward script-driven Internet sites by using security rules that contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and protect even websites that aren't updated regularly. For instance, numerous failed login attempts to a script administrative area or attempts to execute a specific file with the purpose to get access to the script shall trigger specific rules, so ModSecurity will block these activities the second it discovers them. The firewall is very efficient as it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore keeps an incredibly detailed log of all attack attempts which features more information than traditional Apache logs, so you could later check out the data and take extra measures to enhance the security of your Internet sites if necessary.

ModSecurity in Semi-dedicated Servers

Any web app which you install within your new semi-dedicated server account will be protected by ModSecurity because the firewall comes with all our hosting solutions and is turned on by default for any domain and subdomain that you include or create through your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated section within Hepsia where not only could you activate or deactivate it completely, but you could also activate a passive mode, so the firewall won't stop anything, but it will still maintain a record of possible attacks. This requires only a click and you'll be able to view the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, etc. The firewall uses two sets of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one that our admins update manually in order to respond to newly discovered threats as quickly as possible.

ModSecurity in Dedicated Servers

All our dedicated servers that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any app you upload or install will be protected from the very beginning and you'll not need to stress about common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you shall see in the logs can easily allow you to to secure your Internet sites better - the IP address an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, and so forth. With this info, you can see whether a site needs an update, if you ought to block IPs from accessing your web server, and so on. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well if they find a new threat that's not yet a part of the commercial bundle.