ModSecurity

: Glossary; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Sign Up

ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's employed to prevent attacks against script-driven sites through the use of security rules that contain particular expressions. That way, the firewall can block hacking and spamming attempts and shield even sites that aren't updated regularly. As an example, several failed login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script shall trigger certain rules, so ModSecurity shall block out these activities the minute it discovers them. The firewall is quite efficient as it tracks the entire HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any harm is done. It furthermore keeps a very comprehensive log of all attack attempts that contains more information than traditional Apache logs, so you could later examine the data and take additional measures to improve the security of your websites if necessary.

: ModSecurity in Cloud Website Hosting

ModSecurity is supplied with all cloud website hosting servers, so when you decide to host your Internet sites with our company, they will be protected against a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you will have to do on your end. You shall be able to stop ModSecurity for any website if required, or to switch on a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You shall be able to view detailed logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker wished to do and how ModSecurity handled the threat. As we take the security of our customers' sites very seriously, we employ a selection of commercial rules which we get from one of the leading firms that maintain this sort of rules. Our admins also include custom rules to make certain that your sites shall be protected against as many threats as possible.; ModSecurity in Dedicated Hosting

ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you will not have to do anything specific on your end to use it as it's switched on by default every time you add a new domain or subdomain on your server. In case it disrupts any of your programs, you'll be able to stop it via the respective part of Hepsia, or you can leave it in passive mode, so it'll detect attacks and will still maintain a log for them, but won't prevent them. You could look at the logs later to determine what you can do to increase the protection of your websites as you'll find information such as where an intrusion attempt came from, what website was attacked and in accordance with what rule ModSecurity reacted, etcetera. The rules we use are commercial, hence they are frequently updated by a security provider, but to be on the safe side, our admins also include custom rules once in a while in order to deal with any new threats they have discovered.