ModSecurity

: Definitions; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and when it identifies an intrusion attempt, it prevents it. The firewall additionally maintains a more detailed log for the website visitors than any server does, so you'll be able to keep track of what is happening with your sites much better than if you rely merely on standard logs. ModSecurity uses security rules based on which it stops attacks. For example, it identifies if someone is attempting to log in to the administration area of a given script a number of times or if a request is sent to execute a file with a particular command. In these cases these attempts set off the corresponding rules and the firewall software blocks the attempts right away, after that records comprehensive info about them in its logs. ModSecurity is amongst the best software firewalls out there and it can protect your web applications against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.

: ModSecurity in Website Hosting

We provide ModSecurity with all website hosting plans, so your web applications shall be protected against destructive attacks. The firewall is turned on by default for all domains and subdomains, but if you'd like, you will be able to stop it via the respective area of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you will find within Hepsia are very detailed and offer data about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, etc. We employ a group of commercial rules which are regularly updated, but sometimes our administrators add custom rules as well so as to better protect the sites hosted on our machines.; ModSecurity in Semi-dedicated Servers

Any web application that you set up inside your new semi-dedicated server account will be protected by ModSecurity as the firewall comes with all our hosting packages and is activated by default for any domain and subdomain that you add or create via your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated area within Hepsia where not only can you activate or deactivate it completely, but you can also activate a passive mode, so the firewall won't block anything, but it'll still keep an archive of possible attacks. This requires only a click and you will be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was taken care of, and so forth. The firewall uses 2 groups of rules on our machines - a commercial one that we get from a third-party web security firm and a custom one that our admins update personally in order to respond to newly discovered threats immediately.; ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers we offer and it shall be switched on automatically for any new domain or subdomain you include on the machine. That way, any web app which you install shall be protected from the very beginning without doing anything personally on your end. The firewall can be handled from the section of the Control Panel which bears the same name. This is the location in whichyou can disable ModSecurity or let its passive mode, so it shall not take any action towards threats, but shall still maintain a detailed log. The recorded data is available within the same section as well and you'll be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules which we employ on our servers are a mixture between commercial ones which we obtain from a security company and custom ones that are included by our administrators to maximize the protection of any web applications hosted on our end.; ModSecurity in Dedicated Servers

If you opt to host your websites on a dedicated server with the Hepsia Control Panel, your web apps will be secured right away as ModSecurity is available with all Hepsia-based solutions. You will be able to control the firewall effortlessly and if needed, you'll be able to turn it off or enable its passive mode when it will only keep a log of what's happening without taking any action to prevent possible attacks. The logs that you can find within the same section of the Control Panel are extremely detailed and include data about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, and so on. This info will enable you to take measures and improve the protection of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our administrators add when they recognize attacks that have not yet been included within the commercial pack.