ModSecurity in Web Hosting
ModSecurity is available on all web hosting machines, so if you decide to host your sites with our organization, they shall be shielded from an array of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you will have to do on your end. You will be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view comprehensive logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the safety of our clients' websites very seriously, we use a collection of commercial rules which we take from one of the best companies which maintain this kind of rules. Our admins also include custom rules to make certain that your Internet sites will be protected against as many threats as possible.
ModSecurity in Semi-dedicated Servers
Any web program that you set up within your new semi-dedicated server account will be protected by ModSecurity because the firewall is included with all our hosting plans and is turned on by default for any domain and subdomain which you add or create via your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not simply can you activate or deactivate it completely, but you could also activate a passive mode, so the firewall will not block anything, but it shall still maintain an archive of potential attacks. This normally requires just a mouse click and you will be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, and so forth. The firewall employs two groups of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one that our administrators update personally in order to respond to newly discovered threats as fast as possible.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting CP, so your web applications shall be protected from the second your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if necessary, you'll be able to disable it with a click of your mouse via the corresponding section of Hepsia. You could also set it to function in detection mode, so it shall keep a detailed log of any possible attacks without taking any action to stop them. The logs can be found within the same section and include information regarding the nature of the attack, what IP it originated from and what ModSecurity rule was initiated to stop it. For maximum security, we use not just commercial rules from a business working in the field of web security, but also custom ones which our admins add manually so as to respond to new risks that are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers
All our dedicated servers that are set up with the Hepsia hosting Control Panel come with ModSecurity, so any application that you upload or set up shall be protected from the very beginning and you will not have to worry about common attacks or vulnerabilities. A separate section within Hepsia will enable you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you will see in the logs can easily allow you to to secure your websites better - the IP address an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, and so forth. With this info, you'll be able to see if a site needs an update, whether you ought to block IPs from accessing your hosting server, etcetera. Aside from the third-party commercial security rules for ModSecurity we use, our admins include custom ones as well whenever they come across a new threat that is not yet a part of the commercial bundle.