ModSecurity in Cloud Hosting
We provide ModSecurity with all cloud hosting solutions, so your web applications shall be shielded from destructive attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you shall be able to stop it via the respective part of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you will find within Hepsia are extremely detailed and include information about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, etc. We use a range of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well so as to better protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Servers
Any web application you install in your new semi-dedicated server account shall be protected by ModSecurity because the firewall is included with all our hosting packages and is activated by default for any domain and subdomain you include or create via your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section in Hepsia where not simply can you activate or deactivate it fully, but you could also activate a passive mode, so the firewall will not stop anything, but it will still keep a record of potential attacks. This takes only a mouse click and you shall be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was handled, etcetera. The firewall uses two sets of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one that our admins update manually as to respond to recently discovered risks as soon as possible.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers which we offer and it will be switched on automatically for every new domain or subdomain you add on the server. That way, any web app that you install will be protected from the very beginning without doing anything manually on your end. The firewall can be handled through the section of the CP that has the same name. This is the area whereyou'll be able to turn off ModSecurity or let its passive mode, so it won't take any action towards threats, but shall still keep a thorough log. The recorded information is available within the same area as well and you shall be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we use on our servers are a mixture between commercial ones which we obtain from a security firm and custom ones that are added by our admins to enhance the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you will not have to do anything specific on your end to employ it as it is switched on by default whenever you add a new domain or subdomain on your server. In case it disrupts any of your programs, you'll be able to stop it through the respective area of Hepsia, or you may leave it working in passive mode, so it'll identify attacks and will still keep a log for them, but shall not prevent them. You'll be able to look at the logs later to find out what you can do to increase the security of your sites as you shall find info such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity reacted, etc. The rules that we use are commercial, therefore they are frequently updated by a security provider, but to be on the safe side, our admins also add custom rules once in a while as to respond to any new threats they have identified.