ModSecurity in Hosting
ModSecurity can be found with every single hosting plan that we provide and it is switched on by default for any domain or subdomain that you include via your Hepsia CP. In the event that it interferes with any of your apps or you would like to disable it for any reason, you shall be able to do that through the ModSecurity area of Hepsia with simply a click. You could also enable a passive mode, so the firewall will recognize potential attacks and maintain a log, but will not take any action. You can view extensive logs in the very same section, including the IP address where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etcetera. For max security of our customers we use a set of commercial firewall rules blended with custom ones that are added by our system admins.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting plans that we offer include ModSecurity and because the firewall is switched on by default, any site which you set up under a domain or a subdomain will be secured immediately. An independent section in the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to start and stop the firewall for any site or enable a detection mode. With the last option, ModSecurity won't take any action, but it shall still detect possible attacks and will keep all data inside a log as if it were completely active. The logs can be found in the exact same section of the CP and they offer information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules we use on our servers are a mix of commercial ones from a security company and custom ones developed by our system administrators. Therefore, we provide higher security for your web programs as we can defend them from attacks before security companies release updates for new threats.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting Control Panel, so your web applications shall be secured from the second your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if necessary, you can disable it with a click via the corresponding section of Hepsia. You may also set it to work in detection mode, so it'll keep an extensive log of any possible attacks without taking any action to prevent them. The logs are available within the very same section and provide information about the nature of the attack, what IP address it originated from and what ModSecurity rule was triggered to stop it. For best security, we employ not just commercial rules from a firm working in the field of web security, but also custom ones which our administrators add manually so as to react to new risks that are still not addressed in the commercial rules.
ModSecurity in Dedicated Web Hosting
ModSecurity is available by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. Just in case that a web application doesn't operate adequately, you could either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any possible attack that may occur, but won't take any action to prevent it. The logs created in passive or active mode shall give you more details about the exact file which was attacked, the form of the attack and the IP it came from, etc. This info shall allow you to choose what steps you can take to increase the security of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated often with a commercial bundle from a third-party security enterprise we work with, but from time to time our admins include their own rules as well when they identify a new potential threat.