ModSecurity

: Hosting Definitions; Disk Space; Hepsia Control Panel; Hosted Domains; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Purchase

ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is used to stop attacks toward script-driven websites through the use of security rules that contain particular expressions. This way, the firewall can stop hacking and spamming attempts and preserve even sites which aren't updated on a regular basis. As an example, several unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the moment it discovers them. The firewall is quite efficient because it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It also maintains an exceptionally detailed log of all attack attempts that includes more information than traditional Apache logs, so you can later check out the data and take additional measures to enhance the security of your Internet sites if necessary.

: ModSecurity in Hosting

ModSecurity can be found with each hosting solution which we offer and it's turned on by default for every domain or subdomain which you include via your Hepsia Control Panel. If it interferes with any of your apps or you'd like to disable it for some reason, you shall be able to achieve that through the ModSecurity section of Hepsia with merely a mouse click. You can also activate a passive mode, so the firewall will discover possible attacks and maintain a log, but will not take any action. You'll be able to see extensive logs in the very same section, including the IP where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so forth. For max protection of our clients we use a collection of commercial firewall rules combined with custom ones that are included by our system admins.; ModSecurity in Semi-dedicated Servers

We've incorporated ModSecurity as a standard within all semi-dedicated server products, so your web applications shall be protected the instant you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall permit you to enable or turn off the firewall for any Internet site with a click. You'll also be able to turn on a passive detection mode with which ModSecurity shall maintain a log of possible attacks without really preventing them. The detailed logs contain the nature of the attack and what ModSecurity response this attack generated, where it originated from, and so on. The list of rules which we use is constantly updated in order to match any new threats that might appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones which our admins include in case they discover a threat that's not present inside the commercial list yet.; ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers which we offer and it shall be switched on automatically for every new domain or subdomain that you include on the hosting server. In this way, any web application which you install shall be protected immediately without doing anything personally on your end. The firewall can be managed through the section of the CP that bears the same name. This is the area whereyou could disable ModSecurity or let its passive mode, so it will not take any action toward threats, but will still keep a comprehensive log. The recorded data is available within the same section as well and you'll be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we employ on our servers are a mix between commercial ones we obtain from a security company and custom ones which are included by our admins to improve the security of any web applications hosted on our end.; ModSecurity in Dedicated Servers

All of our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any app that you upload or set up shall be secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. A separate section in Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you'll find in the logs shall help you to secure your websites better - the IP address an attack originated from, what website was attacked and exactly how, what ModSecurity rule was triggered, etc. With this info, you can see whether a website needs an update, if you ought to block IPs from accessing your server, and so on. Aside from the third-party commercial security rules for ModSecurity we use, our administrators add custom ones as well whenever they discover a new threat that is not yet a part of the commercial bundle.