ModSecurity in Hosting
ModSecurity comes by default with all hosting solutions that we provide and it will be switched on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you can activate and deactivate it with simply a click or set it to detection mode, so it will keep a log of all attacks, but it shall not do anything to stop them. The log for each of your websites will contain detailed info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are frequently updated and include both commercial ones that we get from a third-party security company and custom ones our system admins include in case that they detect a new sort of attacks. That way, the sites which you host here shall be much more protected with no action needed on your end.
ModSecurity in Dedicated Servers
ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain that you create on the hosting server. In case that a web application doesn't operate properly, you could either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any potential attack that might happen, but won't take any action to stop it. The logs produced in passive or active mode will give you more details about the exact file that was attacked, the nature of the attack and the IP address it originated from, etc. This data will allow you to choose what actions you can take to improve the safety of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we employ are updated frequently with a commercial package from a third-party security enterprise we work with, but sometimes our staff include their own rules as well in case they discover a new potential threat.