ModSecurity in Hosting
ModSecurity is provided with all hosting machines, so when you decide to host your websites with our business, they will be resistant to a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you will need to do on your end. You'll be able to stop ModSecurity for any site if necessary, or to enable a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view detailed logs from your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity dealt with the threat. Since we take the protection of our clients' Internet sites very seriously, we use a set of commercial rules that we get from one of the leading companies that maintain this sort of rules. Our admins also add custom rules to ensure that your sites will be shielded from as many threats as possible.
ModSecurity in Semi-dedicated Servers
We have incorporated ModSecurity by default within all semi-dedicated server plans, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall permit you to enable or turn off the firewall for any website with a mouse click. You'll also be able to switch on a passive detection mode in which ModSecurity shall maintain a log of possible attacks without actually stopping them. The thorough logs include the nature of the attack and what ModSecurity response this attack generated, where it came from, and so forth. The list of rules which we employ is constantly updated as to match any new threats that could appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones that our administrators add in the event that they discover a threat which is not present within the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers we offer and it shall be switched on automatically for every new domain or subdomain you include on the hosting server. That way, any web application you install shall be protected right from the start without doing anything by hand on your end. The firewall can be handled via the section of the CP that bears the same name. This is the location whereyou'll be able to disable ModSecurity or let its passive mode, so it will not take any action towards threats, but shall still maintain a comprehensive log. The recorded data is available within the same area as well and you will be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules we use on our servers are a mixture between commercial ones which we get from a security organization and custom ones that are included by our staff to improve the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers
All our dedicated servers which are installed with the Hepsia hosting Control Panel come with ModSecurity, so any application which you upload or set up will be secured from the very beginning and you'll not need to worry about common attacks or vulnerabilities. An independent section inside Hepsia will enable you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information about intrusions, but does not take actions to stop them. What you will see in the logs can easily allow you to to secure your sites better - the IP address an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, etcetera. With this data, you could see whether a site needs an update, if you should block IPs from accessing your hosting server, and so on. In addition to the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well whenever they find a new threat which is not yet included in the commercial bundle.