ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Hosted Domains; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Get Started

ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and in case it discovers an intrusion attempt, it prevents it. The firewall also maintains a more thorough log for the site visitors than any web server does, so you will be able to keep an eye on what is happening with your Internet sites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies whether anyone is attempting to log in to the admin area of a given script multiple times or if a request is sent to execute a file with a specific command. In such cases these attempts set off the corresponding rules and the software blocks the attempts right away, and then records detailed info about them in its logs. ModSecurity is among the very best software firewalls out there and it could easily protect your web apps against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Web Hosting

ModSecurity can be found with each web hosting package which we provide and it's turned on by default for any domain or subdomain that you add through your Hepsia Control Panel. If it interferes with any of your programs or you'd like to disable it for some reason, you shall be able to do that through the ModSecurity section of Hepsia with only a click. You may also use a passive mode, so the firewall will identify possible attacks and maintain a log, but won't take any action. You'll be able to see comprehensive logs in the very same section, including the IP where the attack originated from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so on. For optimum safety of our clients we use a group of commercial firewall rules mixed with custom ones which are provided by our system administrators.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the web server. In case that a web app doesn't work properly, you can either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any potential attack which may take place, but shall not take any action to stop it. The logs created in passive or active mode shall present you with additional details about the exact file which was attacked, the type of the attack and the IP address it came from, and so forth. This information shall enable you to decide what steps you can take to enhance the security of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated frequently with a commercial package from a third-party security company we work with, but sometimes our staff add their own rules also if they discover a new potential threat.