ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order Now

ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its overall performance and when it detects an intrusion attempt, it prevents it. The firewall additionally maintains a more comprehensive log for the traffic than any web server does, so you will manage to keep track of what is happening with your websites better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it detects whether somebody is attempting to log in to the administration area of a particular script multiple times or if a request is sent to execute a file with a specific command. In these cases these attempts trigger the corresponding rules and the firewall blocks the attempts immediately, then records detailed information about them inside its logs. ModSecurity is one of the best software firewalls out there and it can protect your web apps against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Shared Hosting

ModSecurity comes by default with all shared hosting plans which we offer and it'll be turned on automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you'll be able to switch on and disable it with just a click or set it to detection mode, so it'll keep a log of all attacks, but it shall not do anything to stop them. The log for any of your websites will feature comprehensive information including the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules which we use are constantly updated and consist of both commercial ones which we get from a third-party security company and custom ones which our system administrators include in the event that they detect a new type of attacks. In this way, the sites that you host here shall be far more protected with no action needed on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you choose to host your Internet sites with us, there won't be anything special you will have to do as the firewall is switched on by default for all domains and subdomains that you include via your hosting Control Panel. If needed, you could disable ModSecurity for a particular site or enable the so-called detection mode in which case the firewall will still operate and record data, but won't do anything to stop potential attacks against your websites. Thorough logs shall be readily available inside your Control Panel and you will be able to see what sort of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, and so forth. We employ two types of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom made ones that our administrators sometimes add to respond to newly found risks on time.

ModSecurity in VPS Servers

Security is of the utmost importance to us, so we set up ModSecurity on all VPS servers that are made available with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section in Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you'll not need to do anything by hand. You'll also be able to deactivate it or activate the so-called detection mode, so it'll maintain a log of potential attacks you can later analyze, but shall not stop them. The logs in both passive and active modes include info regarding the type of the attack and how it was prevented, what IP it came from and other useful information which could help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. On top of the commercial rules we get for ModSecurity from a third-party security company, we also employ our own rules because every now and then we discover specific attacks which are not yet present inside the commercial package. This way, we can boost the security of your Virtual private server instantly rather than waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. Just in case that a web app doesn't function correctly, you can either switch off the firewall or set it to work in passive mode. The second means that ModSecurity shall keep a log of any potential attack which might take place, but will not take any action to prevent it. The logs produced in active or passive mode shall give you additional details about the exact file which was attacked, the form of the attack and the IP it originated from, and so on. This information shall allow you to choose what actions you can take to increase the protection of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated constantly with a commercial pack from a third-party security enterprise we work with, but from time to time our admins include their own rules also in the event that they find a new potential threat.