ModSecurity

: Definitions; Disk Space; Hepsia Control Panel; Hosted Domains; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Bandwidth; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its functionality and when it detects an intrusion attempt, it blocks it. The firewall also keeps a more thorough log for the site visitors than any server does, so you shall manage to monitor what is happening with your sites much better than if you rely only on standard logs. ModSecurity works with security rules based on which it prevents attacks. For example, it detects if somebody is trying to log in to the administration area of a certain script several times or if a request is sent to execute a file with a specific command. In such situations these attempts set off the corresponding rules and the firewall software blocks the attempts in real time, after that records detailed information about them in its logs. ModSecurity is among the best software firewalls on the market and it could easily protect your web applications against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

: ModSecurity in Shared Website Hosting

ModSecurity comes standard with all shared website hosting solutions which we provide and it will be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could switch on and disable it with only a click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your sites shall include comprehensive info including the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are constantly updated and incorporate both commercial ones we get from a third-party security company and custom ones our system admins add in the event that they detect a new type of attacks. This way, the Internet sites which you host here will be much more secure with no action expected on your end.