ModSecurity in Hosting
ModSecurity comes by default with all hosting solutions that we offer and it shall be turned on automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you could switch on and deactivate it with only a click or set it to detection mode, so it'll keep a log of all attacks, but it'll not do anything to stop them. The log for any of your Internet sites will include detailed info such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and consist of both commercial ones that we get from a third-party security business and custom ones which our system administrators add in the event that they detect a new type of attacks. That way, the websites that you host here will be far more secure without any action required on your end.
ModSecurity in Semi-dedicated Servers
We've integrated ModSecurity by default inside all semi-dedicated server products, so your web apps shall be protected as soon as you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall allow you to switch on or disable the firewall for any Internet site with a click. You will also be able to switch on a passive detection mode with which ModSecurity shall maintain a log of possible attacks without actually preventing them. The thorough logs contain the nature of the attack and what ModSecurity response this attack initiated, where it came from, etc. The list of rules that we use is regularly updated as to match any new risks which may appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones which our admins include if they find a threat that's not present inside the commercial list yet.
ModSecurity in VPS Servers
All VPS servers which are provided with the Hepsia CP feature ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the web server, so there won't be anything special that you will have to do to protect your websites. It'll take you simply a click to stop ModSecurity if necessary or to switch on its passive mode so that it records what goes on without taking any measures to stop intrusions. You shall be able to view the logs generated in passive or active mode via the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall used to tackle it, etc. We use a mixture of commercial and custom rules in order to make certain that ModSecurity shall block as many risks as possible, thus increasing the security of your web apps as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. In the event that a web app does not work adequately, you can either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity shall keep a log of any possible attack that might occur, but shall not take any action to stop it. The logs created in active or passive mode shall give you additional details about the exact file that was attacked, the nature of the attack and the IP it originated from, etc. This information will allow you to determine what steps you can take to enhance the protection of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated often with a commercial bundle from a third-party security company we work with, but sometimes our administrators include their own rules also when they discover a new potential threat.