ModSecurity

: Hosting Definitions; AAAA Records; Access Log Manager; Additional RAM; Administration Services; Advanced Tools; Email Aliases; Antivirus Protection; APC; App Installer; Auto-reply Emails; Browsable Daily Backups; Catch-all Emails; CentOS; Live Chat Support; ClientExec Billing And Support Software; Genuine Cloud Architecture; CNAME Records; Web Hosting Control Panel; Hardware; CPanel Control Panel; CPU Share; Cron Jobs; Custom Error Pages; MX And A Records; Daily Data Back-up; Data Centers; Data Compression; Debian; Dedicated IP Address; Server Network Hardware; DirectAdmin Control Panel; Disk Space; Domain Backorders; DomainKeys Identified Mail; Domain Manager; Parked Domain Names; Domain Registration Transfer; Dreamweaver Compatible; Dropbox Backups; Email Forwarding; Email Manager; Enom Domain Name Reseller Account; EPP Transfer Protection; Error Log Viewer; Extensive Online Documentation; Extra Dedicated IPs; File Manager; FTP Accounts; FTP Manager; DNS Management; WHOIS Management; Guaranteed RAM; Hepsia Control Panel; Domain Names Hosted; Hotlinking Protection; Htaccess Generator; WHOIS Protection; Imagemagick And GD Library; InnoDB; Installation And Troubleshooting; Instant Account Activation; Integrated Ticketing System; IonCube; IP Blocking; JailHost; Email Accounts; Mailing Lists; Mailing List Members; Managed Services Package; Marketing Tools; Money Back Guarantee; Memcached; Microsoft FPE; ModSecurity; Monitoring And Rebooting; MySQL And Load Stats; 2.5 Gbit Network Connectivity; Data Corruption; Node.js; No Overselling; NS Records; One-Hour Response Guarantee; Perl Modules; Password Protected Directories; Perl; PgSQL Databases; PgSQL Database Storage; Phone Support; PHP 4 And PHP 5 Support; PhpMyAdmin; PhpPgAdmin; Python; RAID; Registrar Lock; Server Reselling Options; Serverside Includes; Shared SSL IP; SiteMap Generator; SMTP Server; Spam Filters; SPF Protection; MySQL Databases; MySQL Database Storage; SRV Records; Data Caching; SSL Certificate Generator; Stable Linux With Apache; Subdomains; Customer Support; Bandwidth; TXT Records; Ubuntu; UPS And Diesel Back-up Generator; Hosting Service Uptime; URL Redirection; Varnish; VPN Traffic; Multiple Control Panels; Set-up Fee; Multiple OS; Full Root-level Access; SSH Telnet; Web Accelerators; Online Site Builder; Web And FTP Statistics; Web Installer; Webmail; Assisted Website Migration; Website Manager; Free Site Templates; Weekly Backup; Weekly OS Update; Zend Optimizer; ZFS Mails And MySQL; Sign Up

ModSecurity is a powerful firewall for Apache web servers which is used to stop attacks toward web apps. It keeps track of the HTTP traffic to a certain website in real time and stops any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script administrator area without success many times activates one rule, sending a request to execute a certain file which could result in getting access to the site triggers another rule, etc. ModSecurity is one of the best firewalls out there and it will protect even scripts that aren't updated on a regular basis as it can prevent attackers from using known exploits and security holes. Incredibly comprehensive information about every intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the regular logs created by the Apache server, so you could later examine them and decide whether you need to take extra measures in order to increase the security of your script-driven websites.

ModSecurity in Cloud Hosting

ModSecurity is supplied with all cloud hosting servers, so if you opt to host your sites with our company, they will be protected against a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you shall need to do on your end. You will be able to stop ModSecurity for any site if required, or to switch on a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You'll be able to view detailed logs using your Hepsia Control Panel including the IP where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. Since we take the safety of our customers' sites very seriously, we employ a collection of commercial rules which we take from one of the top companies which maintain such rules. Our admins also include custom rules to make sure that your Internet sites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages that we offer come with ModSecurity and because the firewall is turned on by default, any website that you build under a domain or a subdomain will be secured immediately. A separate section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to stop and start the firewall for any website or activate a detection mode. With the latter, ModSecurity won't take any action, but it shall still recognize possible attacks and shall keep all information within a log as if it were 100% active. The logs can be found inside the very same section of the Control Panel and they include information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules which we use on our servers are a mix of commercial ones from a security business and custom ones made by our system administrators. As a result, we provide greater security for your web programs as we can protect them from attacks before security businesses release updates for brand new threats.

ModSecurity in VPS

ModSecurity comes with all Hepsia-based virtual private servers we offer and it will be activated automatically for every new domain or subdomain you include on the hosting server. In this way, any web app which you install shall be protected from the very beginning without doing anything by hand on your end. The firewall could be managed via the section of the Control Panel which bears the same name. This is the place in whichyou could switch off ModSecurity or let its passive mode, so it will not take any action against threats, but shall still keep a comprehensive log. The recorded data is available in the same area as well and you will be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules we employ on our servers are a blend between commercial ones which we get from a security company and custom ones that are added by our staff to optimize the security of any web applications hosted on our end.

ModSecurity in Dedicated Hosting

All our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any application which you upload or set up shall be secured from the very beginning and you won't need to bother about common attacks or vulnerabilities. An independent section inside Hepsia will enable you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you shall find in the logs shall help you to secure your sites better - the IP address an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this information, you can see if a site needs an update, if you need to block IPs from accessing your web server, etc. On top of the third-party commercial security rules for ModSecurity we use, our admins include custom ones too when they discover a new threat that's not yet included in the commercial bundle.