ModSecurity in Web Hosting
We provide ModSecurity with all web hosting solutions, so your web applications will be resistant to destructive attacks. The firewall is switched on by default for all domains and subdomains, but in case you'd like, you shall be able to stop it via the respective part of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you shall find inside Hepsia are extremely detailed and include data about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, etc. We use a range of commercial rules that are constantly updated, but sometimes our administrators add custom rules as well in order to better protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
Any web application you set up in your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is included with all our hosting plans and is switched on by default for any domain and subdomain you add or create using your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated section within Hepsia where not simply can you activate or deactivate it entirely, but you may also activate a passive mode, so the firewall will not block anything, but it will still keep an archive of possible attacks. This takes just a mouse click and you shall be able to look at the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, etcetera. The firewall uses 2 sets of rules on our web servers - a commercial one which we get from a third-party web security firm and a custom one which our administrators update manually as to respond to newly discovered threats as fast as possible.
ModSecurity in Dedicated Hosting
ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it since it is enabled by default every time you include a new domain or subdomain on your server. In the event that it interferes with any of your programs, you will be able to stop it via the respective area of Hepsia, or you can leave it operating in passive mode, so it shall recognize attacks and shall still keep a log for them, but shall not stop them. You could look at the logs later to determine what you can do to boost the safety of your sites as you will find info such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, and so on. The rules which we employ are commercial, thus they are regularly updated by a security provider, but to be on the safe side, our administrators also add custom rules every now and then in order to react to any new threats they have discovered.