ModSecurity in Hosting
ModSecurity comes standard with all hosting plans that we supply and it'll be activated automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and deactivate it with only a click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your Internet sites will include elaborate information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are constantly updated and consist of both commercial ones which we get from a third-party security business and custom ones our system admins include in the event that they detect a new sort of attacks. This way, the websites which you host here shall be much more protected without any action expected on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server solutions and if you choose to host your Internet sites with our company, there shall not be anything special you'll have to do given that the firewall is activated by default for all domains and subdomains which you add using your hosting CP. If required, you could disable ModSecurity for a particular website or enable the so-called detection mode in which case the firewall shall still work and record info, but will not do anything to prevent possible attacks on your sites. In depth logs will be available within your CP and you will be able to see which kind of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, etc. We employ two types of rules on our servers - commercial ones from a business which operates in the field of web security, and custom ones which our admins occasionally include to respond to newly found risks promptly.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers we offer and it will be switched on automatically for every new domain or subdomain you add on the machine. In this way, any web application you install will be secured right away without doing anything personally on your end. The firewall may be handled via the section of the Control Panel which bears the same name. This is the location whereyou could switch off ModSecurity or activate its passive mode, so it shall not take any action against threats, but shall still maintain a comprehensive log. The recorded info is available in the same section as well and you shall be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we use on our servers are a combination between commercial ones which we get from a security company and custom ones that are included by our staff to enhance the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
All our dedicated servers that are installed with the Hepsia hosting Control Panel include ModSecurity, so any program which you upload or install will be properly secured from the very beginning and you'll not need to worry about common attacks or vulnerabilities. An individual section in Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but doesn't take actions to stop them. What you shall find in the logs shall enable you to to secure your Internet sites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, etc. With this info, you'll be able to see whether a website needs an update, if you should block IPs from accessing your web server, etcetera. In addition to the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones as well every time they come across a new threat which is not yet in the commercial bundle.