ModSecurity

: Glossary; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its operation and in case it detects an intrusion attempt, it prevents it. The firewall also keeps a more comprehensive log for the site visitors than any server does, so you'll manage to monitor what's going on with your sites much better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it recognizes if someone is attempting to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a particular command. In these circumstances these attempts trigger the corresponding rules and the software blocks the attempts instantly, after that records detailed information about them in its logs. ModSecurity is one of the most effective software firewalls on the market and it can protect your web applications against many threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Cloud Web Hosting

We offer ModSecurity with all cloud web hosting plans, so your web applications will be protected against destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it via the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you shall find in Hepsia are extremely detailed and include data about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, etc. We use a set of commercial rules which are constantly updated, but sometimes our admins add custom rules as well so as to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you choose to host your Internet sites with our company, there won't be anything special you'll have to do given that the firewall is activated by default for all domains and subdomains you include through your hosting Control Panel. If required, you can disable ModSecurity for a particular site or enable the so-called detection mode in which case the firewall will still operate and record info, but shall not do anything to prevent potential attacks on your sites. Comprehensive logs will be available inside your CP and you will be able to see what sort of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, and so forth. We use two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and customized ones which our administrators occasionally include to respond to newly identified threats on time.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are provided with the Hepsia hosting Control Panel, so your web programs will be protected from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if needed, you could deactivate it with a click via the corresponding section of Hepsia. You could also set it to work in detection mode, so it will maintain a comprehensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the very same section and include information about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For optimum security, we employ not just commercial rules from a firm working in the field of web security, but also custom ones that our administrators include manually so as to react to new threats which are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In the event that a web app does not function correctly, you may either disable the firewall or set it to work in passive mode. The second means that ModSecurity will keep a log of any possible attack which could occur, but will not take any action to prevent it. The logs created in passive or active mode will give you more details about the exact file that was attacked, the form of the attack and the IP it came from, and so on. This information shall enable you to decide what actions you can take to increase the protection of your Internet sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial package from a third-party security company we work with, but occasionally our administrators include their own rules too if they identify a new potential threat.