ModSecurity

: Hosting Terminology; AAAA Records; Access Log Manager; Additional RAM; Administration Services; Advanced Tools; Email Aliases; Antivirus Protection; APC; App Installer; Auto-responder Emails; Browsable Daily Backups; Catch-all Emails; CentOS; Live Chat Support; ClientExec Billing And Support Software; Genuine Cloud Architecture; CNAME Records; Control Panel; Hardware; CPanel Control Panel; CPU Share; Cron Jobs; Custom Error Pages; MX And A Records; Daily Data Back-up; Data Centers; Data Compression; Debian; Dedicated IP Address; Server Network Hardware; DirectAdmin Control Panel; Disk Space; Domain Backorders; DomainKeys Identified Mail; Domain Manager; Parked Domain Names; Domain Registration Transfer; Dreamweaver Compatibility; Dropbox Backups; Email Forwarding; Email Manager; Enom Domain Name Reseller Account; EPP Transfer Protection; Error Log Viewer; Extensive Online Documentation; Extra Dedicated IPs; File Manager; FTP Accounts; FTP Manager; Full DNS Management; Full WHOIS Management; Guaranteed RAM; Hepsia Control Panel; Domains Hosted; Hotlink Protection; Htaccess Generator; ID Protection; Imagemagick And GD Library; InnoDB; Installation And Troubleshooting; Instant Account Activation; Integrated Ticketing System; IonCube; IP Blocking; JailHost; Email Accounts; Mailing Lists; Mailing List Members; Managed Services Package; Marketing Tools; Money Back Guarantee; Memcached; Microsoft Frontpage Extensions; ModSecurity; Monitoring And Rebooting; MySQL And Load Stats; 2.5 Gbit Network Connectivity; Data Corruption; Node.js; No Overselling; NS Records; One-Hour Response Guarantee; Perl Modules; Password Protected Directories; Perl; PostgreSQL Databases; PgSQL Database Storage; Phone Support; PHP 4 And PHP 5 Support; PhpMyAdmin; PhpPgAdmin; Python; RAID; Registrar Lock; Server Reselling Options; Server Side Includes; Shared SSL IP; SiteMap Generator; SMTP Server; Spam Filters; SPF Protection; MySQL Databases; MySQL Database Storage; SRV Records; Data Caching; SSL Certificate Generator; Stable Linux With Apache; Subdomains; Help Desk; Monthly Traffic; TXT Records; Ubuntu; UPS And Diesel Back-up Generator; Hosting Service Uptime; URL Redirector; Varnish; VPN Traffic; Multiple Control Panels; Setup Fee; Multiple OS; Full Root-level Access; SSH Telnet; Web Accelerators; Online Website Builder; Web And FTP Statistics; Web Installer; Webmail; Assisted Website Migration; Website Manager; Free Website Templates; Weekly Backup; Weekly OS Update; Zend Optimizer; ZFS Mails And MySQL; Get Started

ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and when it detects an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the website visitors than any server does, so you'll manage to keep an eye on what's going on with your sites much better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it recognizes if someone is trying to log in to the administrator area of a given script several times or if a request is sent to execute a file with a certain command. In such instances these attempts set off the corresponding rules and the firewall program blocks the attempts immediately, after that records comprehensive info about them in its logs. ModSecurity is amongst the best software firewalls out there and it can protect your web applications against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

: ModSecurity in Web Hosting

ModSecurity comes by default with all web hosting packages that we offer and it'll be turned on automatically for any domain or subdomain you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could switch on and deactivate it with simply a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it shall not do anything to stop them. The log for each of your sites will contain comprehensive information including the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules which we use are constantly updated and incorporate both commercial ones which we get from a third-party security business and custom ones that our system administrators add in case that they detect a new kind of attacks. In this way, the sites that you host here will be much more protected without any action needed on your end.; ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer feature ModSecurity and since the firewall is switched on by default, any site you build under a domain or a subdomain will be secured right away. An individual section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to start and stop the firewall for any Internet site or enable a detection mode. With the latter, ModSecurity shall not take any action, but it'll still identify possible attacks and will keep all info within a log as if it were completely active. The logs can be found within the very same section of the Control Panel and they include details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules which we employ on our servers are a mix between commercial ones from a security firm and custom ones developed by our system administrators. As a result, we offer greater security for your web applications as we can protect them from attacks before security businesses release updates for new threats.; ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers which we offer and it'll be activated automatically for every new domain or subdomain which you add on the hosting server. This way, any web application that you install will be protected right away without doing anything manually on your end. The firewall can be handled through the section of the CP which has the same name. This is the place whereyou can turn off ModSecurity or activate its passive mode, so it won't take any action towards threats, but will still keep a comprehensive log. The recorded info is available inside the same section as well and you will be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules we use on our servers are a mixture between commercial ones which we get from a security firm and custom ones which are included by our administrators to optimize the security of any web apps hosted on our end.; ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you won't have to do anything specific on your end to employ it as it's activated by default every time you include a new domain or subdomain on your server. In the event that it interferes with any of your programs, you will be able to stop it via the respective part of Hepsia, or you could leave it in passive mode, so it shall detect attacks and shall still maintain a log for them, but shall not block them. You can examine the logs later to learn what you can do to enhance the safety of your Internet sites since you'll find info such as where an intrusion attempt came from, what website was attacked and based on what rule ModSecurity responded, etc. The rules we employ are commercial, therefore they're regularly updated by a security company, but to be on the safe side, our admins also add custom rules occasionally in order to react to any new threats they have discovered.