ModSecurity in Website Hosting
ModSecurity is available with each and every website hosting solution that we provide and it is turned on by default for every domain or subdomain which you include via your Hepsia CP. If it disrupts any of your programs or you'd like to disable it for any reason, you'll be able to do this through the ModSecurity area of Hepsia with just a click. You may also activate a passive mode, so the firewall will identify potential attacks and keep a log, but will not take any action. You'll be able to view detailed logs in the exact same section, including the IP address where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so on. For maximum protection of our customers we use a group of commercial firewall rules mixed with custom ones which are included by our system administrators.
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our semi-dedicated hosting plans and if you opt to host your websites with us, there shall not be anything special you'll have to do given that the firewall is turned on by default for all domains and subdomains that you include via your hosting Control Panel. If necessary, you can disable ModSecurity for a given Internet site or turn on the so-called detection mode in which case the firewall shall still function and record info, but shall not do anything to stop potential attacks against your sites. Detailed logs will be readily available in your CP and you shall be able to see what type of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, etc. We use 2 kinds of rules on our servers - commercial ones from a company that operates in the field of web security, and custom made ones which our administrators often include to respond to newly discovered risks in a timely manner.
ModSecurity in VPS Hosting
ModSecurity is provided with all Hepsia-based virtual private servers we offer and it'll be switched on automatically for every new domain or subdomain that you add on the server. In this way, any web app you install will be protected right away without doing anything manually on your end. The firewall may be managed through the section of the Control Panel that has the same name. This is the area whereyou could switch off ModSecurity or activate its passive mode, so it shall not take any action against threats, but will still maintain a thorough log. The recorded information is available inside the same section as well and you will be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we employ on our servers are a mixture between commercial ones that we get from a security firm and custom ones which are added by our admins to optimize the security of any web applications hosted on our end.
ModSecurity in Dedicated Web Hosting
All of our dedicated servers which are set up with the Hepsia hosting Control Panel come with ModSecurity, so any program that you upload or install shall be secured from the very beginning and you'll not have to worry about common attacks or vulnerabilities. A separate section within Hepsia will permit you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records information about intrusions, but doesn't take actions to prevent them. What you will see in the logs shall allow you to to secure your sites better - the IP address an attack came from, what site was attacked as well as how, what ModSecurity rule was triggered, and so on. With this info, you can see if a website needs an update, whether you should block IPs from accessing your hosting server, and so on. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones too whenever they find a new threat that is not yet a part of the commercial bundle.