ModSecurity in Website Hosting
ModSecurity comes by default with all website hosting packages which we provide and it shall be activated automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and deactivate it with only a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it shall not do anything to stop them. The log for each of your Internet sites will feature in-depth information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are regularly updated and comprise of both commercial ones we get from a third-party security business and custom ones our system administrators add in case that they detect a new type of attacks. In this way, the websites which you host here shall be much more protected with no action required on your end.
ModSecurity in Semi-dedicated Hosting
We've integrated ModSecurity as a standard in all semi-dedicated hosting plans, so your web apps shall be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will permit you to enable or disable the firewall for any website with a mouse click. You shall also have the ability to turn on a passive detection mode with which ModSecurity shall keep a log of possible attacks without really stopping them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack triggered, where it came from, etcetera. The list of rules that we use is frequently updated in order to match any new threats that may appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones which our admins add if they find a threat which is not present within the commercial list yet.
ModSecurity in VPS
ModSecurity is pre-installed on all virtual private servers which are offered with the Hepsia hosting CP, so your web applications shall be protected from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you can deactivate it with a click from the corresponding section of Hepsia. You may also set it to function in detection mode, so it will maintain a comprehensive log of any potential attacks without taking any action to prevent them. The logs are available in the very same section and include information about the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For best security, we use not only commercial rules from a company working in the field of web security, but also custom ones our admins include manually so as to react to new risks that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Hosting
ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. In the event that a web application doesn't function adequately, you could either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall keep a log of any possible attack that might happen, but will not take any action to stop it. The logs produced in active or passive mode shall provide you with more details about the exact file that was attacked, the form of the attack and the IP it came from, and so forth. This info will enable you to decide what actions you can take to improve the security of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial package from a third-party security company we work with, but from time to time our administrators add their own rules too in case they come across a new potential threat.