ModSecurity

: Glossary; AAAA Records; Access Log Manager; Additional RAM; Administration Services; Advanced Tools; Email Aliases; Antivirus Protection; APC; Web Application Installer; Auto-responder Emails; Browsable Daily Backups; Catch-all Emails; CentOS; Live Chat Support; ClientExec Billing And Support Software; Genuine Cloud Architecture; CNAME Records; Hosting Control Panel; Hardware; CPanel Control Panel; CPU Share; Cron Jobs; Custom Error Pages; MX And A Records; Daily Data Back-up; Data Centers; Data Compression; Debian; Dedicated IP; Server Network Hardware; DirectAdmin Control Panel; Disk Space; Domain Backorders; DomainKeys Identified Mail; Domain Manager; Parked Domains; Domain Registration Transfer; Dreamweaver Compatible; Dropbox Backups; Email Forwarding; Email Manager; Enom Domain Name Reseller Account; EPP Transfer Protection; Error Log Viewer; Extensive Online Documentation; Extra Dedicated IPs; File Manager; FTP Accounts; FTP Manager; DNS Management; WHOIS Management; Guaranteed RAM; Hepsia Control Panel; Domain Names Hosted; Hotlink Protection; Htaccess Generator; ID Protect; Imagemagick And GD Library; InnoDB; Installation And Troubleshooting; Instant Account Activation; Integrated Ticketing System; IonCube; IP Blocking; JailHost; Email Accounts; Mailing Lists; Mailing List Members; Managed Services Package; Marketing Tools; Money Back Guarantee; Memcached; Microsoft FPE; ModSecurity; Monitoring And Rebooting; MySQL And Load Stats; 2.5 Gbit Network Connectivity; Data Corruption; Node.js; No Overselling; NS Records; One-Hour Response Guarantee; Perl Modules; Password Protected Directories; Perl Scripting; PostgreSQL Databases; PgSQL Database Storage; Phone Support; PHP 4 And PHP 5 Support; PhpMyAdmin; PhpPgAdmin; Python; RAID; Registrar Lock; Server Reselling Options; SSI; Shared SSL IP; SiteMap Generator; SMTP Server; Spam Filters; SPF Protection; MySQL Databases; MySQL Database Storage; SRV Records; Data Caching; SSL Certificate Generator; Stable Linux With Apache; Subdomains; Support; Data Traffic; TXT Records; Ubuntu; UPS And Diesel Back-up Generator; Hosting Service Uptime; URL Redirection; Varnish; VPN Traffic; Multiple Control Panels; Set-up Fee; Multiple OS; Full Root-level Access; SSH Telnet; Web Accelerators; Online Website Builder; Web And FTP Statistics; Web Installer; Webmail; Assisted Website Migration; Website Manager; Free Site Themes; Weekly Backup; Weekly OS Update; Zend Optimizer; ZFS Mails And MySQL; Join us

ModSecurity is a highly effective firewall for Apache web servers that's used to stop attacks toward web apps. It keeps track of the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script administrator area unsuccessfully several times sets off one rule, sending a request to execute a certain file which may result in accessing the Internet site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls on the market and it will protect even scripts that aren't updated often as it can prevent attackers from employing known exploits and security holes. Quite thorough info about every intrusion attempt is recorded and the logs the firewall keeps are much more detailed than the regular logs provided by the Apache server, so you can later take a look at them and decide if you need to take extra measures in order to enhance the security of your script-driven Internet sites.

ModSecurity in Shared Website Hosting

ModSecurity is supplied with all shared website hosting web servers, so if you opt to host your websites with our company, they shall be protected against an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any website if required, or to switch on a detection mode, so all activity will be recorded, but the firewall will not take any real action. You will be able to view specific logs via your Hepsia CP including the IP where the attack came from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the protection of our clients' sites seriously, we employ a group of commercial rules that we get from one of the top companies which maintain this sort of rules. Our admins also include custom rules to make certain that your Internet sites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Hosting

Any web application that you set up inside your new semi-dedicated hosting account will be protected by ModSecurity since the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain which you include or create via your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section inside Hepsia where not only can you activate or deactivate it fully, but you could also activate a passive mode, so the firewall won't stop anything, but it'll still keep a record of potential attacks. This normally requires just a click and you will be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, and so forth. The firewall employs two groups of rules on our web servers - a commercial one that we get from a third-party web security company and a custom one that our admins update personally in order to respond to recently discovered threats as soon as possible.

ModSecurity in VPS

All virtual private servers that are offered with the Hepsia Control Panel feature ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the machine, so there won't be anything special which you shall have to do to protect your sites. It shall take you just a click to stop ModSecurity if needed or to activate its passive mode so that it records what occurs without taking any measures to stop intrusions. You will be able to see the logs created in passive or active mode via the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall employed to deal with it, and so on. We use a mixture of commercial and custom rules in order to make sure that ModSecurity shall block as many threats as possible, hence increasing the protection of your web applications as much as possible.

ModSecurity in Dedicated Hosting

All our dedicated servers that are installed with the Hepsia hosting Control Panel include ModSecurity, so any application which you upload or install will be protected from the very beginning and you won't need to stress about common attacks or vulnerabilities. A separate section in Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you will see in the logs shall allow you to to secure your Internet sites better - the IP an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this information, you could see whether an Internet site needs an update, if you should block IPs from accessing your web server, etcetera. Aside from the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well if they come across a new threat which is not yet in the commercial bundle.