ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting packages, so your Internet apps will be protected against harmful attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you shall be able to stop it using the respective area of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you will find inside Hepsia are very detailed and offer information about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, and so on. We use a range of commercial rules which are constantly updated, but sometimes our admins add custom rules as well so as to better protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Servers
Any web program you install in your new semi-dedicated server account will be protected by ModSecurity since the firewall is included with all our hosting packages and is turned on by default for any domain and subdomain that you add or create through your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated section inside Hepsia where not only could you activate or deactivate it fully, but you could also enable a passive mode, so the firewall will not block anything, but it shall still maintain an archive of potential attacks. This normally requires simply a click and you shall be able to look at the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was dealt with, and so forth. The firewall uses 2 sets of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one that our admins update personally in order to respond to newly discovered risks as soon as possible.
ModSecurity in VPS Servers
Protection is very important to us, so we install ModSecurity on all VPS servers that are set up with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section inside Hepsia and is turned on automatically when you include a new domain or generate a subdomain, so you won't have to do anything by hand. You shall also be able to deactivate it or switch on the so-called detection mode, so it'll maintain a log of possible attacks that you can later analyze, but shall not block them. The logs in both passive and active modes include details about the type of the attack and how it was stopped, what IP it came from and other important info that could help you to tighten the security of your sites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security company, we also employ our own rules because from time to time we identify specific attacks that are not yet present within the commercial package. This way, we can enhance the security of your Virtual private server promptly rather than waiting for an official update.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers that are set up with our Hepsia Control Panel and you won't have to do anything specific on your end to use it as it's switched on by default each time you add a new domain or subdomain on your server. If it disrupts some of your applications, you will be able to stop it via the respective section of Hepsia, or you can leave it working in passive mode, so it shall recognize attacks and will still keep a log for them, but will not block them. You'll be able to examine the logs later to find out what you can do to increase the safety of your Internet sites as you'll find details such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity reacted, etcetera. The rules that we use are commercial, therefore they are regularly updated by a security firm, but to be on the safe side, our staff also add custom rules from time to time in order to deal with any new threats they have identified.