ModSecurity

: Glossary; Disk Space; Hepsia Control Panel; Hosted Domain Names; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Purchase

ModSecurity is an efficient firewall for Apache web servers which is used to stop attacks towards web apps. It monitors the HTTP traffic to a certain Internet site in real time and blocks any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to do that - as an illustration, trying to log in to a script administration area without success several times activates one rule, sending a request to execute a specific file which may result in gaining access to the Internet site triggers a different rule, etcetera. ModSecurity is one of the best firewalls out there and it'll protect even scripts that are not updated on a regular basis as it can prevent attackers from using known exploits and security holes. Incredibly detailed information about every intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the standard logs created by the Apache server, so you could later analyze them and determine if you need to take additional measures so as to enhance the protection of your script-driven Internet sites.

ModSecurity in Shared Website Hosting

ModSecurity is offered with each shared website hosting plan which we offer and it is activated by default for every domain or subdomain which you include through your Hepsia CP. In case it disrupts any of your applications or you would like to disable it for any reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with only a mouse click. You could also activate a passive mode, so the firewall will discover potential attacks and maintain a log, but won't take any action. You could see comprehensive logs in the same section, including the IP where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so forth. For maximum security of our customers we use a set of commercial firewall rules combined with custom ones that are included by our system administrators.

ModSecurity in Semi-dedicated Servers

Any web program that you install inside your new semi-dedicated server account shall be protected by ModSecurity as the firewall is provided with all our hosting plans and is turned on by default for any domain and subdomain that you add or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated area within Hepsia where not simply could you activate or deactivate it entirely, but you could also activate a passive mode, so the firewall shall not block anything, but it will still maintain an archive of potential attacks. This normally requires simply a mouse click and you will be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, and so on. The firewall employs 2 groups of rules on our servers - a commercial one which we get from a third-party web security company and a custom one that our administrators update personally in order to respond to recently discovered threats as quickly as possible.

ModSecurity in VPS Servers

All VPS servers that are provided with the Hepsia Control Panel come with ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there shall not be anything special that you shall have to do to protect your Internet sites. It shall take you only a mouse click to stop ModSecurity if required or to switch on its passive mode so that it records what occurs without taking any measures to prevent intrusions. You'll be able to look at the logs produced in active or passive mode from the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall employed to deal with it, etc. We use a mixture of commercial and custom rules in order to make certain that ModSecurity shall block out as many threats as possible, hence improving the security of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. Just in case that a web application does not function adequately, you could either switch off the firewall or set it to work in passive mode. The latter means that ModSecurity will keep a log of any potential attack which might occur, but will not take any action to prevent it. The logs generated in active or passive mode will present you with additional details about the exact file that was attacked, the form of the attack and the IP it came from, etc. This info shall allow you to choose what measures you can take to enhance the security of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial pack from a third-party security company we work with, but sometimes our staff add their own rules also when they identify a new potential threat.