ModSecurity in Shared Hosting
ModSecurity is offered with every shared hosting solution that we provide and it's turned on by default for every domain or subdomain that you add via your Hepsia Control Panel. If it interferes with any of your applications or you'd like to disable it for some reason, you'll be able to do this through the ModSecurity section of Hepsia with only a click. You could also activate a passive mode, so the firewall will detect potential attacks and maintain a log, but shall not take any action. You could view detailed logs in the very same section, including the IP address where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so forth. For maximum safety of our clients we use a group of commercial firewall rules mixed with custom ones that are added by our system admins.
ModSecurity in Semi-dedicated Hosting
Any web program that you install in your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall is included with all our hosting plans and is activated by default for any domain and subdomain which you add or create using your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated area within Hepsia where not simply could you activate or deactivate it fully, but you can also activate a passive mode, so the firewall won't stop anything, but it shall still keep a record of possible attacks. This requires just a mouse click and you'll be able to see the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, etc. The firewall employs 2 groups of rules on our machines - a commercial one that we get from a third-party web security firm and a custom one that our administrators update personally as to respond to newly discovered risks as soon as possible.
ModSecurity in VPS
ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting CP, so your web programs shall be secured from the instant your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you can deactivate it with a click via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll keep an extensive log of any potential attacks without taking any action to prevent them. The logs can be found within the very same section and provide information regarding the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For best security, we use not just commercial rules from a firm operating in the field of web security, but also custom ones our admins include personally so as to respond to new risks that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Hosting
All our dedicated servers which are set up with the Hepsia hosting CP feature ModSecurity, so any program that you upload or install will be secured from the very beginning and you won't have to bother about common attacks or vulnerabilities. A separate section within Hepsia will enable you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records information about intrusions, but doesn't take actions to prevent them. What you shall discover in the logs can easily enable you to to secure your sites better - the IP an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, and so on. With this data, you'll be able to see if an Internet site needs an update, if you need to block IPs from accessing your web server, etcetera. Aside from the third-party commercial security rules for ModSecurity that we use, our admins add custom ones as well whenever they come across a new threat that's not yet a part of the commercial bundle.