ModSecurity in Website Hosting
ModSecurity is available with every single website hosting package that we provide and it's switched on by default for any domain or subdomain that you include through your Hepsia Control Panel. In case it disrupts any of your applications or you'd like to disable it for any reason, you'll be able to do this through the ModSecurity section of Hepsia with simply a click. You may also enable a passive mode, so the firewall will identify potential attacks and maintain a log, but shall not take any action. You can see comprehensive logs in the same section, including the IP address where the attack came from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etcetera. For max security of our customers we use a group of commercial firewall rules mixed with custom ones that are provided by our system admins.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity as a standard within all semi-dedicated server products, so your web applications will be protected whenever you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts will permit you to activate or turn off the firewall for any site with a click. You'll also be able to turn on a passive detection mode in which ModSecurity shall keep a log of possible attacks without really preventing them. The detailed logs contain the nature of the attack and what ModSecurity response this attack activated, where it originated from, and so forth. The list of rules we use is constantly updated in order to match any new threats which could appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones that our admins add in case they find a threat that's not present inside the commercial list yet.
ModSecurity in Dedicated Servers
All our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any app you upload or install will be secured from the very beginning and you won't have to concern yourself with common attacks or vulnerabilities. A separate section within Hepsia will permit you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you shall see in the logs can enable you to to secure your sites better - the IP an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, etcetera. With this data, you'll be able to see if a site needs an update, whether you should block IPs from accessing your server, and so on. On top of the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones as well when they come across a new threat which is not yet in the commercial bundle.