ModSecurity in Website Hosting
ModSecurity is offered with each and every website hosting package which we provide and it's switched on by default for any domain or subdomain that you add through your Hepsia Control Panel. In the event that it disrupts any of your applications or you would like to disable it for some reason, you will be able to do this through the ModSecurity section of Hepsia with only a mouse click. You could also use a passive mode, so the firewall will discover potential attacks and keep a log, but won't take any action. You'll be able to see extensive logs in the very same section, including the IP address where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, etcetera. For maximum safety of our clients we use a set of commercial firewall rules mixed with custom ones which are provided by our system admins.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting solutions and if you choose to host your websites with us, there will not be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains which you include using your hosting CP. If necessary, you'll be able to disable ModSecurity for a certain site or turn on the so-called detection mode in which case the firewall shall still function and record info, but shall not do anything to stop possible attacks on your websites. Thorough logs shall be accessible inside your Control Panel and you shall be able to see what type of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, and so forth. We employ two sorts of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom ones that our administrators sometimes add to respond to newly discovered threats promptly.
ModSecurity in VPS
ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting Control Panel, so your web applications will be protected from the moment your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you can deactivate it with a click via the corresponding section of Hepsia. You can also set it to function in detection mode, so it'll maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs are available within the same section and provide info about the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For best security, we use not just commercial rules from a firm operating in the field of web security, but also custom ones that our administrators include manually so as to react to new risks that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Hosting
ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the hosting server. In the event that a web app does not operate correctly, you may either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity shall keep a log of any potential attack that may happen, but shall not take any action to stop it. The logs produced in active or passive mode shall provide you with additional details about the exact file which was attacked, the form of the attack and the IP it originated from, etcetera. This info will enable you to determine what measures you can take to boost the safety of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated frequently with a commercial pack from a third-party security provider we work with, but from time to time our staff add their own rules too if they come across a new potential threat.