ModSecurity in Web Hosting
We provide ModSecurity with all web hosting plans, so your web applications will be protected against malicious attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you shall be able to stop it via the respective part of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall discover within Hepsia are incredibly detailed and feature data about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, etcetera. We use a range of commercial rules which are regularly updated, but sometimes our admins include custom rules as well so as to better protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions which we offer come with ModSecurity and since the firewall is enabled by default, any Internet site you build under a domain or a subdomain shall be secured straight away. An individual section in the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to stop and start the firewall for any Internet site or enable a detection mode. With the latter, ModSecurity will not take any action, but it will still detect possible attacks and will keep all info within a log as if it were completely active. The logs can be found inside the exact same section of the Control Panel and they include information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules that we use on our machines are a mix of commercial ones from a security firm and custom ones created by our system admins. As a result, we provide increased security for your web programs as we can protect them from attacks before security firms release updates for new threats.
ModSecurity in VPS Servers
All VPS servers which are provided with the Hepsia Control Panel include ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the machine, so there won't be anything special that you'll have to do to protect your sites. It shall take you simply a click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any actions to prevent intrusions. You will be able to see the logs produced in passive or active mode from the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall used to take care of it, etc. We use a combination of commercial and custom rules so as to ensure that ModSecurity will block out as many threats as possible, hence increasing the security of your web programs as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In the event that a web application does not function correctly, you could either disable the firewall or set it to function in passive mode. The latter means that ModSecurity shall maintain a log of any possible attack that might take place, but shall not take any action to prevent it. The logs generated in passive or active mode shall present you with additional details about the exact file which was attacked, the type of the attack and the IP it came from, etc. This data will allow you to decide what actions you can take to boost the safety of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we employ are updated regularly with a commercial pack from a third-party security firm we work with, but occasionally our staff add their own rules too when they find a new potential threat.