ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting plans, so your web apps will be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you shall be able to stop it using the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you will discover within Hepsia are very detailed and feature information about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, etcetera. We employ a set of commercial rules which are constantly updated, but sometimes our admins add custom rules as well so as to efficiently protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our semi-dedicated hosting packages and if you decide to host your sites with our company, there shall not be anything special you'll have to do given that the firewall is turned on by default for all domains and subdomains that you add via your hosting Control Panel. If required, you can disable ModSecurity for a certain Internet site or enable the so-called detection mode in which case the firewall will still work and record info, but will not do anything to prevent possible attacks on your Internet sites. Comprehensive logs will be accessible within your Control Panel and you'll be able to see what sort of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, etcetera. We use 2 sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones that our admins sometimes include to respond to newly discovered risks on time.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers which are offered with the Hepsia hosting CP, so your web apps shall be protected from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you can disable it with a mouse click through the corresponding section of Hepsia. You may also set it to work in detection mode, so it shall maintain an extensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the very same section and offer info about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For optimum security, we use not just commercial rules from a company working in the field of web security, but also custom ones that our admins add manually in order to react to new threats that are still not addressed in the commercial rules.
ModSecurity in Dedicated Web Hosting
ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In the event that a web app does not function adequately, you could either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any potential attack which might occur, but shall not take any action to stop it. The logs generated in passive or active mode will give you more details about the exact file which was attacked, the form of the attack and the IP address it came from, etc. This data will permit you to decide what steps you can take to improve the protection of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated often with a commercial package from a third-party security provider we work with, but oftentimes our staff add their own rules also in case they discover a new potential threat.