ModSecurity in Shared Web Hosting
We offer ModSecurity with all shared web hosting plans, so your web apps will be resistant to destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you would like, you shall be able to stop it through the respective area of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll find inside Hepsia are incredibly detailed and include data about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, and so on. We employ a range of commercial rules which are constantly updated, but sometimes our administrators add custom rules as well so as to efficiently protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
We have incorporated ModSecurity by default in all semi-dedicated hosting products, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall permit you to activate or turn off the firewall for any site with a mouse click. You shall also be able to switch on a passive detection mode through which ModSecurity shall maintain a log of potential attacks without really preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so on. The list of rules which we use is regularly updated in order to match any new risks that may appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones which our admins include if they discover a threat that is not present within the commercial list yet.
ModSecurity in VPS Hosting
ModSecurity is included with all Hepsia-based virtual private servers we offer and it shall be switched on automatically for any new domain or subdomain which you include on the machine. This way, any web application you install will be protected from the very beginning without doing anything by hand on your end. The firewall could be handled from the section of the CP which bears the same name. This is the place whereyou could switch off ModSecurity or activate its passive mode, so it shall not take any action toward threats, but shall still keep a thorough log. The recorded data is available inside the same section as well and you shall be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules which we employ on our servers are a mixture between commercial ones we get from a security company and custom ones that are included by our staff to optimize the security of any web applications hosted on our end.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. In case that a web app doesn't work properly, you may either disable the firewall or set it to function in passive mode. The second means that ModSecurity will maintain a log of any possible attack that may take place, but will not take any action to stop it. The logs generated in passive or active mode will give you additional details about the exact file which was attacked, the form of the attack and the IP it originated from, and so forth. This data will permit you to choose what measures you can take to increase the safety of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial bundle from a third-party security enterprise we work with, but sometimes our staff include their own rules as well in case they find a new potential threat.