ModSecurity in Web Hosting
We provide ModSecurity with all web hosting packages, so your Internet apps will be protected against harmful attacks. The firewall is turned on by default for all domains and subdomains, but in case you would like, you'll be able to stop it using the respective part of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you shall find within Hepsia are very detailed and include data about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, etcetera. We employ a set of commercial rules that are constantly updated, but sometimes our admins add custom rules as well in order to better protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
We have integrated ModSecurity as a standard inside all semi-dedicated hosting packages, so your web apps shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will allow you to enable or turn off the firewall for any Internet site with a mouse click. You'll also be able to turn on a passive detection mode in which ModSecurity shall maintain a log of possible attacks without actually preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response this attack activated, where it originated from, etcetera. The list of rules that we use is constantly updated as to match any new risks which might appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones which our admins add in case they find a threat that is not present in the commercial list yet.
ModSecurity in VPS Web Hosting
Security is very important to us, so we set up ModSecurity on all virtual private servers which are set up with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section inside Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you'll not have to do anything personally. You will also be able to disable it or turn on the so-called detection mode, so it will maintain a log of possible attacks which you can later study, but shall not block them. The logs in both passive and active modes include info about the kind of the attack and how it was eliminated, what IP address it came from and other useful info which could help you to tighten the security of your sites by updating them or blocking IPs, as an example. Besides the commercial rules which we get for ModSecurity from a third-party security enterprise, we also implement our own rules because occasionally we identify specific attacks which are not yet present inside the commercial pack. This way, we can easily enhance the security of your VPS in a timely manner instead of awaiting an official update.
ModSecurity in Dedicated Servers Hosting
ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you'll not need to do anything specific on your end to employ it as it is switched on by default every time you include a new domain or subdomain on your web server. If it disrupts any of your apps, you shall be able to stop it through the respective area of Hepsia, or you can leave it working in passive mode, so it will recognize attacks and will still maintain a log for them, but shall not prevent them. You can examine the logs later to find out what you can do to increase the safety of your Internet sites as you'll find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity responded, etcetera. The rules that we employ are commercial, therefore they're constantly updated by a security provider, but to be on the safe side, our admins also include custom rules from time to time as to react to any new threats they have found.