ModSecurity in Hosting
ModSecurity comes by default with all hosting solutions that we provide and it will be switched on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you can activate and deactivate it with simply a click or set it to detection mode, so it will keep a log of all attacks, but it shall not do anything to stop them. The log for each of your websites will contain detailed info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are frequently updated and include both commercial ones that we get from a third-party security company and custom ones our system admins include in case that they detect a new sort of attacks. That way, the sites which you host here shall be much more protected with no action needed on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server packages and if you opt to host your sites with us, there will not be anything special you'll have to do as the firewall is turned on by default for all domains and subdomains you include through your hosting Control Panel. If necessary, you could disable ModSecurity for a given Internet site or switch on the so-called detection mode in which case the firewall will still operate and record info, but won't do anything to stop possible attacks against your websites. In depth logs will be accessible in your CP and you'll be able to see what sort of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, etc. We use two types of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom made ones that our administrators occasionally include to respond to newly identified threats promptly.
ModSecurity in VPS Servers
All VPS servers that are provided with the Hepsia Control Panel feature ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the server, so there won't be anything special which you'll need to do to protect your websites. It shall take you a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what goes on without taking any measures to prevent intrusions. You'll be able to see the logs created in passive or active mode from the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall employed to take care of it, etc. We employ a mix of commercial and custom rules so as to ensure that ModSecurity will stop as many risks as possible, consequently increasing the security of your web applications as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain that you create on the hosting server. In case that a web application doesn't operate properly, you could either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any potential attack that might happen, but won't take any action to stop it. The logs produced in passive or active mode will give you more details about the exact file that was attacked, the nature of the attack and the IP address it originated from, etc. This data will allow you to choose what actions you can take to improve the safety of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we employ are updated frequently with a commercial package from a third-party security enterprise we work with, but sometimes our staff include their own rules as well in case they discover a new potential threat.