ModSecurity

: Hosting Terminology; AAAA Records; Access Log Manager; Additional RAM; Administration Services; Advanced Tools; Email Aliases; Antivirus Protection; APC; App Installer; Auto-reply Emails; Browsable Daily Backups; Catch-all Emails; CentOS; Live Chat Support; ClientExec Billing And Support Software; Genuine Cloud Architecture; CNAME Records; Hosting Control Panel; Hardware; CPanel Control Panel; CPU Share; Cron Jobs; Custom Error Pages; MX And A Records; Daily Data Back-up; Data Centers; Data Compression; Debian; Dedicated IP; Server Network Hardware; DirectAdmin Control Panel; Disk Space; Domain Backorders; DomainKeys Identified Mail; Domain Manager; Parked Domains; Domain Registration Transfer; Dreamweaver Compatible; Dropbox Backups; Email Forwarding; Email Manager; Enom Domain Name Reseller Account; EPP Transfer Protection; Error Log Viewer; Extensive Online Documentation; Extra Dedicated IPs; File Manager; FTP Accounts; FTP Manager; Full DNS Management; WHOIS Management; Guaranteed RAM; Hepsia Control Panel; Domains Hosted; Hotlink Protection; Htaccess Generator; WHOIS Protection; Imagemagick And GD Library; InnoDB; Installation And Troubleshooting; Instant Account Activation; Integrated Ticketing System; IonCube; IP Blocking; JailHost; Email Accounts; Mailing Lists; Mailing List Members; Managed Services Package; Marketing Tools; Money Back Guarantee; Memcached; Microsoft FPE; ModSecurity; Monitoring And Rebooting; MySQL And Load Stats; 2.5 Gbit Network Connectivity; Data Corruption; Node.js; No Overselling; NS Records; One-Hour Response Guarantee; Perl Modules; Password Protected Directories; Perl Scripting; PgSQL Databases; PostgreSQL Database Storage; Phone Support; PHP 4 And PHP 5 Support; PhpMyAdmin; PhpPgAdmin; Python; RAID; Registrar Lock; Server Reselling Options; Serverside Includes; Shared SSL IP; SiteMap Generator; SMTP Server; Spam Filters; SPF Protection; MySQL Databases; MySQL Database Storage; SRV Records; Data Caching; SSL Certificate Generator; Stable Linux With Apache; Subdomains; Support; Monthly Traffic; TXT Records; Ubuntu; UPS And Diesel Back-up Generator; Service Uptime; URL Redirection; Varnish; VPN Traffic; Multiple Control Panels; Set-up Fees; Multiple OS; Full Root-level Access; SSH Telnet; Web Accelerators; Online Website Builder; Web And FTP Statistics; Web Installer; Webmail; Assisted Website Migration; Website Manager; Free Site Themes; Weekly Backup; Weekly OS Update; Zend Optimizer; ZFS Mails And MySQL; Join us

ModSecurity is a powerful firewall for Apache web servers that is employed to stop attacks toward web apps. It monitors the HTTP traffic to a particular site in real time and blocks any intrusion attempts the instant it detects them. The firewall uses a set of rules to accomplish that - for instance, attempting to log in to a script administration area without success several times activates one rule, sending a request to execute a particular file that could result in accessing the Internet site triggers a different rule, etc. ModSecurity is amongst the best firewalls around and it'll secure even scripts that aren't updated often since it can prevent attackers from employing known exploits and security holes. Incredibly thorough data about every intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the regular logs provided by the Apache server, so you can later examine them and determine whether you need to take more measures so as to enhance the security of your script-driven websites.

ModSecurity in Cloud Hosting

ModSecurity is offered with each and every cloud hosting package which we provide and it is activated by default for any domain or subdomain that you include through your Hepsia Control Panel. If it disrupts any of your applications or you would like to disable it for some reason, you shall be able to achieve that through the ModSecurity area of Hepsia with just a click. You may also enable a passive mode, so the firewall will detect possible attacks and maintain a log, but shall not take any action. You'll be able to view detailed logs in the exact same section, including the IP where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etcetera. For optimum security of our clients we use a set of commercial firewall rules mixed with custom ones which are provided by our system admins.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting plans and if you opt to host your sites with our company, there shall not be anything special you will have to do since the firewall is turned on by default for all domains and subdomains which you include through your hosting CP. If necessary, you'll be able to disable ModSecurity for a particular website or enable the so-called detection mode in which case the firewall will still operate and record data, but will not do anything to stop possible attacks against your websites. Thorough logs shall be readily available within your Control Panel and you will be able to see which kind of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, etc. We employ 2 types of rules on our servers - commercial ones from a company that operates in the field of web security, and custom made ones which our admins occasionally include to respond to newly found risks promptly.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting Control Panel, so your web applications will be protected from the second your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you could disable it with a click of your mouse via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll keep an extensive log of any potential attacks without taking any action to stop them. The logs can be found inside the same section and provide information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For optimum security, we use not only commercial rules from a company working in the field of web security, but also custom ones our admins include manually in order to respond to new risks that are still not addressed in the commercial rules.

ModSecurity in Dedicated Web Hosting

ModSecurity is provided with all dedicated servers which are set up with our Hepsia CP and you will not have to do anything specific on your end to use it since it is activated by default whenever you include a new domain or subdomain on your web server. If it interferes with some of your programs, you will be able to stop it through the respective part of Hepsia, or you can leave it operating in passive mode, so it'll recognize attacks and will still keep a log for them, but shall not prevent them. You may analyze the logs later to determine what you can do to boost the security of your Internet sites as you will find details such as where an intrusion attempt came from, what Internet site was attacked and in accordance with what rule ModSecurity reacted, etcetera. The rules which we employ are commercial, therefore they're frequently updated by a security provider, but to be on the safe side, our staff also add custom rules every now and then as to react to any new threats they have discovered.

Small Business Hosting

ModSecurity

ModSecurity in Cloud Hosting

ModSecurity in Semi-dedicated Hosting

ModSecurity in VPS Hosting

ModSecurity in Dedicated Web Hosting