ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting plans that we provide and it shall be activated automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and disable it with simply a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to stop them. The log for any of your Internet sites will contain elaborate information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules we use are constantly updated and incorporate both commercial ones we get from a third-party security company and custom ones our system admins add in the event that they detect a new sort of attacks. That way, the websites you host here will be way more protected without any action needed on your end.
ModSecurity in Semi-dedicated Servers
Any web application you install inside your new semi-dedicated server account will be protected by ModSecurity as the firewall is included with all our hosting packages and is activated by default for any domain and subdomain that you add or create through your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated area inside Hepsia where not only can you activate or deactivate it fully, but you can also activate a passive mode, so the firewall won't stop anything, but it'll still maintain an archive of potential attacks. This normally requires simply a mouse click and you will be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, and so on. The firewall employs two sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update manually as to respond to recently discovered risks immediately.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers that are set up with the Hepsia hosting Control Panel, so your web programs will be secured from the instant your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you'll be able to deactivate it with a click via the corresponding section of Hepsia. You could also set it to function in detection mode, so it shall keep a comprehensive log of any potential attacks without taking any action to prevent them. The logs are available in the very same section and offer info about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For maximum security, we employ not simply commercial rules from a business operating in the field of web security, but also custom ones our administrators add manually in order to respond to new risks that are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the web server. In the event that a web app doesn't work adequately, you could either turn off the firewall or set it to function in passive mode. The second means that ModSecurity will maintain a log of any potential attack which may occur, but will not take any action to stop it. The logs produced in active or passive mode shall provide you with additional details about the exact file which was attacked, the form of the attack and the IP address it originated from, and so forth. This info shall permit you to decide what steps you can take to improve the security of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated constantly with a commercial bundle from a third-party security enterprise we work with, but occasionally our admins include their own rules as well in case they discover a new potential threat.