ModSecurity in Hosting
We offer ModSecurity with all hosting solutions, so your Internet apps shall be resistant to destructive attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you will be able to stop it using the respective section of your Hepsia CP. You could also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you will discover in Hepsia are quite detailed and feature information about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, etcetera. We use a set of commercial rules that are often updated, but sometimes our administrators add custom rules as well in order to better protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Servers
We have integrated ModSecurity as a standard within all semi-dedicated server plans, so your web applications will be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will allow you to activate or disable the firewall for any site with a click. You shall also be able to activate a passive detection mode with which ModSecurity shall maintain a log of possible attacks without really preventing them. The thorough logs contain the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so on. The list of rules we use is constantly updated as to match any new threats that could appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones which our admins add in case they find a threat that's not present inside the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting CP, so your web applications will be secured from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you could disable it with a click via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll keep an extensive log of any potential attacks without taking any action to prevent them. The logs can be found within the same section and include information regarding the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For optimum security, we use not only commercial rules from a company operating in the field of web security, but also custom ones which our admins include personally so as to react to new threats which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In the event that a web application doesn't operate properly, you could either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity shall keep a log of any possible attack which could occur, but will not take any action to prevent it. The logs produced in passive or active mode shall give you more details about the exact file that was attacked, the form of the attack and the IP address it originated from, and so forth. This data will permit you to determine what measures you can take to increase the protection of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated frequently with a commercial bundle from a third-party security firm we work with, but sometimes our admins add their own rules as well when they discover a new potential threat.