ModSecurity

: Glossary; AAAA Records; Access Log Manager; Additional RAM; Administration Services; Advanced Tools; Email Aliases; Antivirus Protection; APC; Application Installer; Auto-reply Emails; Browsable Daily Backups; Catch-all Emails; CentOS; Live Chat Support; ClientExec Billing And Support Software; Genuine Cloud Architecture; CNAME Records; Control Panel; Hardware; CPanel Control Panel; CPU Share; Cron Jobs; Custom Error Pages; MX And A Records; Daily Data Back-up; Data Centers; Data Compression; Debian; Dedicated IP; Server Network Hardware; DirectAdmin Control Panel; Disk Space; Domain Backorders; DomainKeys Identified Mail; Domain Manager; Parked Domains; Domain Registration Transfer; Dreamweaver Compatible; Dropbox Backups; Email Forwarding; Email Manager; Enom Domain Name Reseller Account; EPP Transfer Protection; Error Log Viewer; Extensive Online Documentation; Extra Dedicated IPs; File Manager; FTP Accounts; FTP Manager; Full DNS Management; Full WHOIS Management; Guaranteed RAM; Hepsia Control Panel; Domain Names Hosted; Hotlinking Protection; Htaccess Generator; WHOIS Guard; Imagemagick And GD Library; InnoDB; Installation And Troubleshooting; Instant Account Activation; Integrated Ticketing System; IonCube; IP Blocking; JailHost; Email Accounts; Mailing Lists; Mailing List Members; Managed Services Package; Marketing Tools; Money Back Guarantee; Memcached; Microsoft FPE; ModSecurity; Monitoring And Rebooting; MySQL And Load Stats; 2.5 Gbit Network Connectivity; Data Corruption; Node.js; No Overselling; NS Records; One-Hour Response Guarantee; Perl Modules; Password Protected Directories; Perl; PgSQL Databases; PgSQL Database Storage; Phone Support; PHP 4 And PHP 5 Support; PhpMyAdmin; PhpPgAdmin; Python; RAID; Registrar Lock; Server Reselling Options; Serverside Includes; Shared SSL IP; SiteMap Generator; SMTP Server; Spam Filters; SPF Protection; MySQL Databases; MySQL Database Storage; SRV Records; Data Caching; SSL Certificate Generator; Stable Linux With Apache; Subdomains; Customer Support; Bandwidth; TXT Records; Ubuntu; UPS And Diesel Back-up Generator; Hosting Service Uptime; URL Redirection; Varnish; VPN Traffic; Multiple Control Panels; Setup Fee; Multiple OS; Full Root-level Access; SSH Telnet; Web Accelerators; Online Website Builder; Web And FTP Statistics; Web Installer; Webmail; Assisted Website Migration; Website Manager; Free Site Themes; Weekly Backup; Weekly OS Update; Zend Optimizer; ZFS Mails And MySQL; Order

ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and when it identifies an intrusion attempt, it prevents it. The firewall additionally keeps a more comprehensive log for the website visitors than any server does, so you will be able to keep track of what is going on with your Internet sites much better than if you rely simply on standard logs. ModSecurity uses security rules based on which it prevents attacks. For example, it recognizes if somebody is attempting to log in to the admin area of a certain script a number of times or if a request is sent to execute a file with a particular command. In such situations these attempts trigger the corresponding rules and the firewall program blocks the attempts immediately, after that records comprehensive information about them inside its logs. ModSecurity is among the very best software firewalls out there and it can easily protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity is available on all cloud hosting machines, so if you choose to host your websites with our business, they shall be shielded from a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view specific logs from your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the security of our customers' sites very seriously, we employ a set of commercial rules that we take from one of the top firms that maintain such rules. Our admins also include custom rules to ensure that your sites will be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer come with ModSecurity and since the firewall is switched on by default, any site you create under a domain or a subdomain will be protected right away. An individual section within the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to stop and start the firewall for any Internet site or switch on a detection mode. With the last option, ModSecurity shall not take any action, but it shall still identify possible attacks and will keep all data inside a log as if it were completely active. The logs could be found within the same section of the Control Panel and they offer information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules we employ on our web servers are a mix between commercial ones from a security company and custom ones created by our system administrators. Consequently, we offer higher security for your web applications as we can defend them from attacks even before security companies release updates for completely new threats.

ModSecurity in Dedicated Servers

All of our dedicated servers that are installed with the Hepsia hosting Control Panel come with ModSecurity, so any program that you upload or set up shall be secured from the very beginning and you will not have to worry about common attacks or vulnerabilities. An independent section in Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you will discover in the logs shall allow you to to secure your websites better - the IP an attack came from, what website was attacked and how, what ModSecurity rule was triggered, and so forth. With this data, you'll be able to see if a site needs an update, if you need to block IPs from accessing your server, and so on. On top of the third-party commercial security rules for ModSecurity we use, our admins include custom ones too every time they find a new threat that's not yet included in the commercial bundle.