ModSecurity

: Hosting Glossary; AAAA Records; Access Log Manager; Additional RAM; Administration Services; Advanced Tools; Email Aliases; Antivirus Protection; APC; 1-Click Applications Installer; Auto-reply Emails; Browsable Daily Backups; Catch-all Emails; CentOS; Live Chat Support; ClientExec Billing And Support Software; Genuine Cloud Architecture; CNAME Records; Web Hosting Control Panel; Hardware; CPanel Control Panel; CPU Share; Cron Jobs; Custom Error Pages; Custom MX and A Records; Daily Data Back-up; Data Centers; Data Compression; Debian; Dedicated IP; Server Network Hardware; DirectAdmin Control Panel; Disk Space; Domain Backorders; DomainKeys Identified Mail; Feature-rich Domain Manager; Parked Domains; Domain Registration Transfer; Dreamweaver Compatible; Dropbox Backups; E-mail Forwarding; Email Manager; Enom Domain Name Reseller Account; EPP Transfer Protection; Error Log Viewer; Extensive Online Documentation; Extra Dedicated IPs; File Manager; FTP Accounts; FTP Manager; Full DNS Management; Full WHOIS Management; Guaranteed RAM; Hepsia Control Panel; Domains Hosted; Hotlinking Protection; Htaccess Generator; ID Protection; Imagemagick And GD Library; InnoDB; Installation And Troubleshooting; Instant Account Activation; Integrated Ticketing System; IonCube; IP Blocking; JailHost; Email Accounts; Mailing Lists; Mailing List Members; Managed Services Package; Marketing Tools; Money Back Guarantee; Memcached; Microsoft FPE; ModSecurity; Monitoring And Rebooting; MySQL And Load Stats; 2.5 Gbit Network Connectivity; Data Corruption; Node.js; No Overselling; NS Records; One-Hour Response Guarantee; Perl Modules; Password Protected Directories; Perl Scripting; PostgreSQL Databases; PostgreSQL Database Storage; Phone Support; PHP 4 PHP 5 PHP 7 And PHP 8 Support; PhpMyAdmin; PhpPgAdmin; Python; RAID; Registrar Lock; Server Reselling Options; Server Side Includes; Shared SSL IP; SiteMap Generator; SMTP Server; Spam Filters; SPF Protection; MySQL Databases; MySQL Database Storage; SRV Records; Data Caching; SSL Certificate Generator; Stable Linux With Apache; Subdomains; Support; Bandwidth; TXT Records; Ubuntu; UPS And Diesel Back-up Generator; Service Uptime Guarantee; URL Redirector; Varnish; VPN Traffic; Multiple Control Panels; Setup Fees; Multiple OS; Full Root-level Access; SSH Telnet; Web Accelerators; Website Builder; Web And FTP Statistics; Web Installer; Webmail; Assisted Website Migration; Website Manager; Free Website Themes; Weekly Backup; Weekly OS Update; Zend Optimizer; ZFS Mails And MySQL; Order Now

ModSecurity is a powerful firewall for Apache web servers that is used to prevent attacks against web apps. It keeps track of the HTTP traffic to a certain website in real time and stops any intrusion attempts the instant it detects them. The firewall relies on a set of rules to accomplish that - as an example, trying to log in to a script admin area without success a few times sets off one rule, sending a request to execute a certain file that may result in accessing the website triggers another rule, and so on. ModSecurity is among the best firewalls around and it'll protect even scripts which aren't updated regularly because it can prevent attackers from using known exploits and security holes. Very comprehensive information about each and every intrusion attempt is recorded and the logs the firewall keeps are considerably more comprehensive than the standard logs created by the Apache server, so you may later take a look at them and determine if you need to take additional measures in order to increase the safety of your script-driven sites.

ModSecurity in Cloud Hosting

ModSecurity can be found with each and every cloud hosting solution that we provide and it's turned on by default for every domain or subdomain which you add through your Hepsia Control Panel. In case it disrupts any of your applications or you would like to disable it for any reason, you shall be able to do that through the ModSecurity section of Hepsia with simply a click. You can also activate a passive mode, so the firewall will detect potential attacks and maintain a log, but shall not take any action. You can see extensive logs in the very same section, including the IP where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, etcetera. For maximum security of our clients we use a set of commercial firewall rules mixed with custom ones which are added by our system admins.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting plans and if you decide to host your Internet sites with our company, there will not be anything special you'll have to do as the firewall is activated by default for all domains and subdomains you include via your hosting Control Panel. If necessary, you can disable ModSecurity for a certain Internet site or turn on the so-called detection mode in which case the firewall shall still work and record data, but won't do anything to prevent possible attacks on your sites. Detailed logs shall be available inside your Control Panel and you will be able to see what type of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so on. We use two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones which our administrators often add to respond to newly found risks in a timely manner.

ModSecurity in VPS Hosting

ModSecurity is included with all Hepsia-based virtual private servers that we offer and it will be switched on automatically for any new domain or subdomain that you include on the machine. That way, any web app that you install will be protected immediately without doing anything manually on your end. The firewall may be managed from the section of the CP that bears the same name. This is the area whereyou can switch off ModSecurity or let its passive mode, so it shall not take any action toward threats, but shall still keep a comprehensive log. The recorded data is available inside the same section as well and you will be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules we use on our servers are a blend between commercial ones we get from a security company and custom ones that are added by our admins to enhance the security of any web apps hosted on our end.

ModSecurity in Dedicated Web Hosting

If you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web apps shall be protected right away since ModSecurity is available with all Hepsia-based packages. You shall be able to manage the firewall with ease and if needed, you will be able to turn it off or switch on its passive mode when it'll only keep a log of what's going on without taking any action to stop potential attacks. The logs that you will find within the same section of the Control Panel are very detailed and feature info about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etcetera. This data will permit you to take measures and boost the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff add whenever they identify attacks which have not yet been included inside the commercial pack.