ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Hosted Domains; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and if it identifies an intrusion attempt, it blocks it. The firewall furthermore maintains a more thorough log for the website visitors than any web server does, so you will manage to monitor what's going on with your websites much better than if you rely merely on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it identifies whether someone is attempting to log in to the administrator area of a specific script multiple times or if a request is sent to execute a file with a specific command. In these cases these attempts trigger the corresponding rules and the firewall software blocks the attempts in real time, after that records comprehensive info about them in its logs. ModSecurity is among the best software firewalls out there and it can protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting plans which we provide and it will be switched on automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could switch on and deactivate it with only a mouse click or set it to detection mode, so it will keep a log of all attacks, but it will not do anything to stop them. The log for each of your Internet sites will feature detailed info including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and incorporate both commercial ones which we get from a third-party security company and custom ones our system administrators add in the event that they detect a new type of attacks. In this way, the Internet sites which you host here shall be a lot more protected with no action needed on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting solutions and if you opt to host your websites with our company, there won't be anything special you'll have to do given that the firewall is switched on by default for all domains and subdomains which you add using your hosting Control Panel. If necessary, you can disable ModSecurity for a given Internet site or switch on the so-called detection mode in which case the firewall shall still operate and record data, but won't do anything to prevent possible attacks against your sites. Comprehensive logs shall be accessible inside your CP and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etcetera. We use two kinds of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones which our administrators often add to respond to newly identified threats promptly.