ModSecurity

: Definitions; AAAA Records; Access Log Manager; Additional RAM; Administration Services; Advanced Tools; Email Aliases; Antivirus Protection; APC; Web App Installer; Auto-responder Emails; Browsable Daily Backups; Catch-all Emails; CentOS; Live Chat Support; ClientExec Billing And Support Software; Genuine Cloud Architecture; CNAME Records; Hosting Control Panel; Hardware; CPanel Control Panel; CPU Share; Cron Jobs; Custom Error Pages; MX And A Records; Daily Data Back-up; Data Centers; Data Compression; Debian; Dedicated IP Address; Server Network Hardware; DirectAdmin Control Panel; Disk Space; Domain Backorders; DomainKeys Identified Mail; Domain Manager; Parked Domains; Domain Registration Transfer; Dreamweaver Compatibility; Dropbox Backups; Email Forwarding; Email Manager; Enom Domain Name Reseller Account; EPP Transfer Protection; Error Log Viewer; Extensive Online Documentation; Extra Dedicated IPs; File Manager; FTP Accounts; FTP Manager; Full DNS Management; Full WHOIS Management; Guaranteed RAM; Hepsia Control Panel; Domains Hosted; Hotlinking Protection; Htaccess Generator; Domain Info Protection; Imagemagick And GD Library; InnoDB; Installation And Troubleshooting; Instant Account Activation; Integrated Ticketing System; IonCube; IP Blocking; JailHost; Email Accounts; Mailing Lists; Mailing List Members; Managed Services Package; Marketing Tools; Money Back Guarantee; Memcached; Microsoft Frontpage Extensions; ModSecurity; Monitoring And Rebooting; MySQL And Load Stats; 2.5 Gbit Network Connectivity; Data Corruption; Node.js; No Overselling; NS Records; One-Hour Response Guarantee; Perl Modules; Password Protected Directories; Perl Scripting; PostgreSQL Databases; PostgreSQL Database Storage; Phone Support; PHP 4 And PHP 5 Support; PhpMyAdmin; PhpPgAdmin; Python; RAID; Registrar Lock; Server Reselling Options; Serverside Includes; Shared SSL IP; SiteMap Generator; SMTP Server; Spam Filters; SPF Protection; MySQL Databases; MySQL Database Storage; SRV Records; Data Caching; SSL Certificate Generator; Stable Linux With Apache; Subdomains; Support; Data Traffic; TXT Records; Ubuntu; UPS And Diesel Back-up Generator; Service Uptime Guarantee; URL Redirector; Varnish; VPN Traffic; Multiple Control Panels; Setup Fees; Multiple OS; Full Root-level Access; SSH Telnet; Web Accelerators; Online Website Builder; Web And FTP Statistics; Web Installer; Webmail; Assisted Website Migration; Website Manager; Free Site Themes; Weekly Backup; Weekly OS Update; Zend Optimizer; ZFS Mails And MySQL; Order

ModSecurity is a powerful firewall for Apache web servers which is employed to prevent attacks toward web apps. It monitors the HTTP traffic to a particular site in real time and prevents any intrusion attempts the instant it discovers them. The firewall uses a set of rules to accomplish that - as an example, trying to log in to a script admin area without success several times triggers one rule, sending a request to execute a particular file that could result in gaining access to the Internet site triggers another rule, and so forth. ModSecurity is among the best firewalls on the market and it'll protect even scripts which aren't updated regularly as it can prevent attackers from using known exploits and security holes. Very thorough information about each intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the conventional logs generated by the Apache server, so you may later analyze them and determine if you need to take additional measures in order to boost the protection of your script-driven sites.

ModSecurity in Shared Web Hosting

We offer ModSecurity with all shared web hosting packages, so your web applications will be shielded from malicious attacks. The firewall is activated by default for all domains and subdomains, but if you'd like, you shall be able to stop it using the respective section of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you'll discover inside Hepsia are incredibly detailed and offer data about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, and so forth. We employ a set of commercial rules which are frequently updated, but sometimes our admins add custom rules as well in order to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

Any web app which you install inside your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is provided with all our hosting solutions and is turned on by default for any domain and subdomain which you add or create through your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated area within Hepsia where not simply could you activate or deactivate it entirely, but you could also switch on a passive mode, so the firewall will not block anything, but it shall still keep an archive of potential attacks. This normally requires just a mouse click and you shall be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, and so forth. The firewall employs two sets of rules on our machines - a commercial one which we get from a third-party web security company and a custom one which our administrators update personally as to respond to recently discovered threats as fast as possible.

ModSecurity in VPS Hosting

All virtual private servers that are provided with the Hepsia CP include ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the machine, so there will not be anything special which you shall have to do to protect your websites. It will take you a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what goes on without taking any steps to stop intrusions. You shall be able to look at the logs produced in active or passive mode from the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall used to take care of it, and so forth. We employ a mix of commercial and custom rules in order to make sure that ModSecurity will prevent as many threats as possible, therefore enhancing the security of your web applications as much as possible.

ModSecurity in Dedicated Web Hosting

ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you won't have to do anything specific on your end to employ it because it is enabled by default every time you include a new domain or subdomain on your hosting server. In the event that it interferes with some of your apps, you'll be able to stop it through the respective section of Hepsia, or you can leave it working in passive mode, so it shall recognize attacks and shall still maintain a log for them, but shall not block them. You may examine the logs later to learn what you can do to enhance the security of your Internet sites as you'll find info such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity responded, and so forth. The rules which we employ are commercial, thus they're frequently updated by a security provider, but to be on the safe side, our staff also add custom rules every now and then in order to deal with any new threats they have discovered.