ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to prevent attacks against script-driven websites through the use of security rules which contain specific expressions. That way, the firewall can stop hacking and spamming attempts and preserve even websites which are not updated on a regular basis. For example, multiple failed login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script shall trigger particular rules, so ModSecurity will block out these activities the minute it detects them. The firewall is very efficient since it screens the entire HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any damage is done. It additionally keeps an incredibly detailed log of all attack attempts that contains more info than standard Apache logs, so you could later analyze the data and take additional measures to improve the security of your websites if necessary.

ModSecurity in Cloud Website Hosting

ModSecurity comes by default with all cloud website hosting plans which we supply and it'll be switched on automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you could activate and disable it with only a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it shall not do anything to prevent them. The log for each of your Internet sites shall contain detailed information including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are frequently updated and consist of both commercial ones which we get from a third-party security business and custom ones which our system administrators include in case that they detect a new kind of attacks. In this way, the websites which you host here will be much more secure with no action required on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server packages and if you opt to host your sites with us, there shall not be anything special you'll have to do since the firewall is activated by default for all domains and subdomains which you include via your hosting CP. If required, you'll be able to disable ModSecurity for a certain website or switch on the so-called detection mode in which case the firewall shall still operate and record data, but shall not do anything to stop potential attacks on your websites. Comprehensive logs shall be readily available within your Control Panel and you'll be able to see what type of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, etc. We employ two sorts of rules on our servers - commercial ones from an organization that operates in the field of web security, and customized ones that our admins often include to respond to newly discovered risks promptly.

ModSecurity in VPS Servers

Safety is very important to us, so we install ModSecurity on all VPS servers which are made available with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you won't have to do anything personally. You will also be able to disable it or turn on the so-called detection mode, so it shall keep a log of possible attacks that you can later examine, but won't stop them. The logs in both passive and active modes contain information about the type of the attack and how it was eliminated, what IP address it came from and other valuable information which could help you to tighten the security of your websites by updating them or blocking IPs, as an example. Beyond the commercial rules which we get for ModSecurity from a third-party security company, we also use our own rules since from time to time we identify specific attacks that aren't yet present in the commercial group. This way, we can easily enhance the protection of your VPS immediately instead of waiting for a certified update.

ModSecurity in Dedicated Servers

All our dedicated servers that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any app you upload or set up will be properly secured from the very beginning and you won't have to worry about common attacks or vulnerabilities. A separate section inside Hepsia will enable you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you shall find in the logs can easily allow you to to secure your sites better - the IP an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this data, you can see whether an Internet site needs an update, if you need to block IPs from accessing your hosting server, and so forth. Besides the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too if they discover a new threat which is not yet included in the commercial bundle.