ModSecurity

: Definitions; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Bandwidth; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's used to prevent attacks against script-driven sites by using security rules that contain specific expressions. That way, the firewall can block hacking and spamming attempts and shield even Internet sites which aren't updated regularly. For example, a number of failed login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script shall trigger certain rules, so ModSecurity will stop these activities the minute it discovers them. The firewall is very efficient since it screens the whole HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore maintains an incredibly detailed log of all attack attempts that contains more information than traditional Apache logs, so you could later check out the data and take extra measures to improve the security of your sites if needed.

ModSecurity in Shared Hosting

ModSecurity is offered with each shared hosting solution that we offer and it is turned on by default for every domain or subdomain which you add through your Hepsia Control Panel. In the event that it interferes with any of your apps or you would like to disable it for whatever reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with just a click. You can also use a passive mode, so the firewall will discover possible attacks and keep a log, but will not take any action. You could view comprehensive logs in the same section, including the IP address where the attack originated from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so forth. For maximum safety of our clients we use a group of commercial firewall rules combined with custom ones which are added by our system administrators.

ModSecurity in Semi-dedicated Servers

Any web application you set up within your new semi-dedicated server account will be protected by ModSecurity as the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain you add or create via your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated area within Hepsia where not simply can you activate or deactivate it entirely, but you may also enable a passive mode, so the firewall won't block anything, but it'll still keep an archive of potential attacks. This normally requires simply a mouse click and you'll be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, etcetera. The firewall uses 2 sets of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one which our admins update personally as to respond to newly discovered threats immediately.

ModSecurity in VPS Servers

Security is extremely important to us, so we set up ModSecurity on all VPS servers that are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section inside Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you'll not have to do anything manually. You will also be able to deactivate it or switch on the so-called detection mode, so it will maintain a log of potential attacks that you can later analyze, but shall not block them. The logs in both passive and active modes include details about the kind of the attack and how it was prevented, what IP it came from and other useful information that might help you to tighten the security of your websites by updating them or blocking IPs, for example. Beyond the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules as once in a while we detect specific attacks that aren't yet present in the commercial package. This way, we can easily increase the protection of your VPS immediately as opposed to waiting for a certified update.

ModSecurity in Dedicated Servers

When you opt to host your sites on a dedicated server with the Hepsia CP, your web programs shall be protected straight away since ModSecurity is available with all Hepsia-based plans. You'll be able to manage the firewall easily and if required, you'll be able to turn it off or switch on its passive mode when it will only maintain a log of what's taking place without taking any action to prevent potential attacks. The logs which you can find within the very same section of the Control Panel are incredibly detailed and contain info about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, and so forth. This data shall enable you to take measures and boost the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our staff include every time they identify attacks that haven't yet been included in the commercial pack.