ModSecurity

: Hosting Definitions; AAAA Records; Access Log Manager; Additional RAM; Administration Services; Advanced Tools; Email Aliases; Antivirus Protection; APC; Free Web Apps; Auto-responder Emails; Browsable Daily Backups; Catch-all Emails; CentOS; Live Chat Support; ClientExec Billing And Support Software; Genuine Cloud Architecture; CNAME Records; Web Hosting Control Panel; Hardware; CPanel Control Panel; CPU Share; Cron Jobs; Custom Error Pages; MX And A Records; Daily Data Back-up; Data Centers; Data Compression; Debian; Dedicated IP; Server Network Hardware; DirectAdmin Control Panel; Disk Space; Domain Backorders; DomainKeys Identified Mail; Domain Manager; Parked Domain Names; Domain Registration Transfer; Dreamweaver Compatibility; Dropbox Backups; Email Forwarding; Email Manager; Enom Domain Name Reseller Account; EPP Transfer Protection; Error Log Viewer; Extensive Online Documentation; Extra Dedicated IPs; File Manager; FTP Accounts; FTP Manager; DNS Management; Full WHOIS Management; Guaranteed RAM; Hepsia Control Panel; Domains Hosted; Hotlink Protection; Htaccess Generator; Domain Privacy Protection; Imagemagick And GD Library; InnoDB; Installation And Troubleshooting; Instant Account Activation; Integrated Ticketing System; IonCube; IP Blocking; JailHost; Email Accounts; Mailing Lists; Mailing List Members; Managed Services Package; Marketing Tools; Money Back Guarantee; Memcached; Microsoft FPE; ModSecurity; Monitoring And Rebooting; MySQL And Load Stats; 2.5 Gbit Network Connectivity; Data Corruption; Node.js; No Overselling; NS Records; One-Hour Response Guarantee; Perl Modules; Password Protected Directories; Perl; PgSQL Databases; PgSQL Database Storage; Phone Support; PHP 4 And PHP 5 Support; PhpMyAdmin; PhpPgAdmin; Python; RAID; Registrar Lock; Server Reselling Options; Server Side Includes; Shared SSL IP; SiteMap Generator; SMTP Server; Spam Filters; SPF Protection; MySQL Databases; MySQL Database Storage; SRV Records; Data Caching; SSL Certificate Generator; Stable Linux With Apache; Subdomains; Support; Monthly Traffic; TXT Records; Ubuntu; UPS And Diesel Back-up Generator; Hosting Service Uptime; URL Redirection; Varnish; VPN Traffic; Multiple Control Panels; Setup Fee; Multiple OS; Full Root-level Access; SSH Telnet; Web Accelerators; Online Site Builder; Web And FTP Statistics; Web Installer; Webmail; Assisted Website Migration; Website Manager; Free Site Templates; Weekly Backup; Weekly OS Update; Zend Optimizer; ZFS Mails And MySQL; Purchase

ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's used to stop attacks against script-driven sites by employing security rules that contain particular expressions. That way, the firewall can block hacking and spamming attempts and protect even websites that aren't updated on a regular basis. For example, multiple failed login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script shall trigger particular rules, so ModSecurity will block out these activities the minute it identifies them. The firewall is quite efficient since it screens the whole HTTP traffic to a site in real time without slowing it down, so it can stop an attack before any harm is done. It furthermore maintains an incredibly comprehensive log of all attack attempts that contains more info than standard Apache logs, so you could later examine the data and take further measures to boost the security of your Internet sites if needed.

ModSecurity in Cloud Web Hosting

ModSecurity is available with every single cloud web hosting plan that we offer and it's switched on by default for every domain or subdomain that you include through your Hepsia CP. If it disrupts any of your apps or you would like to disable it for some reason, you shall be able to achieve that through the ModSecurity section of Hepsia with simply a mouse click. You may also activate a passive mode, so the firewall will recognize possible attacks and maintain a log, but shall not take any action. You can see detailed logs in the very same section, including the IP where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etcetera. For max safety of our customers we use a set of commercial firewall rules combined with custom ones which are provided by our system admins.

ModSecurity in Semi-dedicated Servers

Any web app you install in your new semi-dedicated server account will be protected by ModSecurity since the firewall is included with all our hosting solutions and is activated by default for any domain and subdomain which you include or create via your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated area in Hepsia where not only could you activate or deactivate it fully, but you could also enable a passive mode, so the firewall won't stop anything, but it will still keep a record of potential attacks. This requires just a mouse click and you'll be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, etcetera. The firewall uses 2 groups of rules on our machines - a commercial one that we get from a third-party web security firm and a custom one which our administrators update personally as to respond to recently discovered risks at the earliest opportunity.

ModSecurity in VPS Servers

Protection is essential to us, so we set up ModSecurity on all VPS servers that are set up with the Hepsia CP by default. The firewall could be managed through a dedicated section inside Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you won't need to do anything manually. You will also be able to deactivate it or activate the so-called detection mode, so it'll maintain a log of potential attacks you can later study, but won't block them. The logs in both passive and active modes offer information about the form of the attack and how it was prevented, what IP it came from and other important information which could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. In addition to the commercial rules we get for ModSecurity from a third-party security enterprise, we also employ our own rules as once in a while we find specific attacks that aren't yet present within the commercial pack. This way, we could increase the security of your Virtual private server instantly as opposed to awaiting a certified update.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain you create on the web server. Just in case that a web app does not function adequately, you can either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any potential attack that could take place, but shall not take any action to prevent it. The logs created in passive or active mode will provide you with additional details about the exact file that was attacked, the type of the attack and the IP address it originated from, etc. This data shall permit you to decide what steps you can take to increase the safety of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial pack from a third-party security provider we work with, but occasionally our admins add their own rules also if they find a new potential threat.