ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting solutions, so your web applications will be shielded from destructive attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you'll be able to stop it via the respective area of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you will find within Hepsia are extremely detailed and include data about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, and so forth. We use a range of commercial rules which are constantly updated, but sometimes our administrators add custom rules as well so as to better protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions that we offer feature ModSecurity and given that the firewall is turned on by default, any Internet site you create under a domain or a subdomain will be secured right from the start. An individual section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to stop and start the firewall for any website or enable a detection mode. With the last option, ModSecurity will not take any action, but it shall still identify possible attacks and will keep all information inside a log as if it were 100% active. The logs could be found within the exact same section of the Control Panel and they feature information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules that we use on our machines are a mix between commercial ones from a security firm and custom ones created by our system administrators. Therefore, we provide greater security for your web programs as we can protect them from attacks before security firms release updates for brand new threats.
ModSecurity in VPS Servers
All VPS servers that are provided with the Hepsia CP feature ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the web server, so there shall not be anything special which you'll have to do to protect your sites. It'll take you just a click to stop ModSecurity if necessary or to switch on its passive mode so that it records what goes on without taking any actions to prevent intrusions. You'll be able to see the logs produced in passive or active mode from the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall employed to tackle it, and so on. We employ a mixture of commercial and custom rules in order to make sure that ModSecurity shall block out as many threats as possible, thus increasing the protection of your web programs as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the server. Just in case that a web application does not operate adequately, you may either switch off the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any possible attack that might occur, but shall not take any action to prevent it. The logs produced in passive or active mode shall present you with additional details about the exact file that was attacked, the nature of the attack and the IP it came from, and so on. This info shall enable you to choose what actions you can take to improve the safety of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial bundle from a third-party security company we work with, but sometimes our admins add their own rules too in case they find a new potential threat.