ModSecurity in Shared Web Hosting
ModSecurity is offered with each and every shared web hosting plan which we offer and it is switched on by default for every domain or subdomain which you include through your Hepsia CP. In case it interferes with any of your applications or you would like to disable it for any reason, you will be able to achieve that through the ModSecurity section of Hepsia with just a click. You could also activate a passive mode, so the firewall will recognize possible attacks and keep a log, but shall not take any action. You'll be able to view comprehensive logs in the very same section, including the IP where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so forth. For maximum protection of our clients we use a set of commercial firewall rules combined with custom ones that are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server plans and if you decide to host your Internet sites with us, there shall not be anything special you'll have to do given that the firewall is activated by default for all domains and subdomains that you add via your hosting Control Panel. If needed, you can disable ModSecurity for a certain Internet site or turn on the so-called detection mode in which case the firewall shall still work and record info, but won't do anything to prevent possible attacks on your sites. Comprehensive logs will be available within your CP and you shall be able to see what type of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, and so on. We employ two kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones that our admins occasionally include to respond to newly identified risks on time.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting Control Panel, so your web apps shall be protected from the moment your server is ready. The firewall is activated by default for any domain or subdomain on the VPS, but if necessary, you can disable it with a mouse click from the corresponding section of Hepsia. You may also set it to operate in detection mode, so it will keep a comprehensive log of any possible attacks without taking any action to stop them. The logs can be found inside the same section and include details about the nature of the attack, what IP it came from and what ModSecurity rule was triggered to stop it. For maximum security, we use not only commercial rules from a company operating in the field of web security, but also custom ones which our administrators add personally so as to react to new threats that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers which are integrated with our Hepsia Control Panel and you won't have to do anything specific on your end to use it as it's enabled by default whenever you add a new domain or subdomain on your web server. In the event that it interferes with any of your applications, you will be able to stop it via the respective part of Hepsia, or you can leave it in passive mode, so it shall recognize attacks and shall still maintain a log for them, but won't prevent them. You could analyze the logs later to find out what you can do to boost the security of your sites since you shall find details such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity responded, and so on. The rules which we employ are commercial, therefore they are constantly updated by a security firm, but to be on the safe side, our administrators also add custom rules every now and then in order to respond to any new threats they have discovered.