ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting plans, so your web apps shall be protected against harmful attacks. The firewall is turned on as standard for all domains and subdomains, but if you would like, you will be able to stop it using the respective part of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall discover inside Hepsia are quite detailed and feature data about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, and so forth. We employ a range of commercial rules that are constantly updated, but sometimes our admins add custom rules as well in order to efficiently protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Servers
We've included ModSecurity as a standard within all semi-dedicated server packages, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts will permit you to activate or disable the firewall for any site with a click. You will also be able to switch on a passive detection mode with which ModSecurity shall maintain a log of potential attacks without actually preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response this attack initiated, where it came from, etcetera. The list of rules that we employ is frequently updated as to match any new risks which could appear on the Internet and it consists of both commercial rules that we get from a security corporation and custom-written ones which our admins include if they discover a threat that's not present inside the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers that are provided with the Hepsia hosting Control Panel, so your web programs shall be secured from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you could disable it with a click of your mouse from the corresponding section of Hepsia. You can also set it to operate in detection mode, so it'll maintain a detailed log of any potential attacks without taking any action to prevent them. The logs can be found inside the same section and include details about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For optimum security, we employ not simply commercial rules from a company operating in the field of web security, but also custom ones our administrators add personally in order to respond to new threats that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
All of our dedicated servers that are installed with the Hepsia hosting Control Panel include ModSecurity, so any application you upload or set up shall be secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. A separate section within Hepsia will allow you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to stop them. What you'll discover in the logs shall help you to secure your websites better - the IP address an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, and so on. With this information, you'll be able to see whether a site needs an update, if you need to block IPs from accessing your hosting server, etc. In addition to the third-party commercial security rules for ModSecurity we use, our admins include custom ones too when they come across a new threat that is not yet in the commercial bundle.