ModSecurity in Shared Hosting
ModSecurity can be found with every single shared hosting package that we provide and it is switched on by default for every domain or subdomain which you add through your Hepsia CP. In the event that it interferes with any of your applications or you'd like to disable it for any reason, you shall be able to achieve that through the ModSecurity section of Hepsia with only a mouse click. You can also enable a passive mode, so the firewall will discover potential attacks and maintain a log, but won't take any action. You can see extensive logs in the same section, including the IP where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For optimum safety of our clients we use a group of commercial firewall rules combined with custom ones that are included by our system admins.
ModSecurity in Semi-dedicated Hosting
We've incorporated ModSecurity as a standard inside all semi-dedicated hosting plans, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to enable or disable the firewall for any Internet site with a click. You shall also have the ability to switch on a passive detection mode with which ModSecurity shall keep a log of potential attacks without actually stopping them. The thorough logs include the nature of the attack and what ModSecurity response that attack triggered, where it came from, and so on. The list of rules we use is regularly updated in order to match any new threats which might appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones which our administrators include if they find a threat that's not present in the commercial list yet.
ModSecurity in VPS Web Hosting
ModSecurity is provided with all Hepsia-based virtual private servers which we offer and it shall be activated automatically for any new domain or subdomain that you include on the machine. In this way, any web application you install will be protected right from the start without doing anything personally on your end. The firewall may be managed through the section of the CP which has the same name. This is the location whereyou could turn off ModSecurity or activate its passive mode, so it shall not take any action against threats, but shall still keep a thorough log. The recorded information is available in the same area as well and you will be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules we use on our servers are a blend between commercial ones which we get from a security organization and custom ones that are included by our staff to improve the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers Hosting
ModSecurity is available by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the hosting server. In case that a web application does not function adequately, you can either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any possible attack that might happen, but will not take any action to stop it. The logs produced in passive or active mode shall provide you with more details about the exact file which was attacked, the nature of the attack and the IP address it came from, etc. This information will enable you to choose what measures you can take to enhance the security of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial bundle from a third-party security enterprise we work with, but occasionally our admins add their own rules as well when they identify a new potential threat.