ModSecurity in Web Hosting
ModSecurity can be found with every web hosting plan which we offer and it's switched on by default for every domain or subdomain which you include via your Hepsia Control Panel. If it disrupts any of your apps or you'd like to disable it for any reason, you will be able to do this through the ModSecurity area of Hepsia with simply a click. You can also use a passive mode, so the firewall will recognize potential attacks and keep a log, but will not take any action. You can view detailed logs in the same section, including the IP address where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etcetera. For maximum protection of our customers we use a collection of commercial firewall rules combined with custom ones which are added by our system admins.
ModSecurity in Semi-dedicated Hosting
We have integrated ModSecurity as a standard in all semi-dedicated hosting products, so your web applications will be protected whenever you set them up under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will allow you to switch on or disable the firewall for any website with a mouse click. You'll also have the ability to switch on a passive detection mode with which ModSecurity shall maintain a log of possible attacks without actually stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack triggered, where it came from, etcetera. The list of rules which we use is constantly updated as to match any new threats that might appear on the Internet and it includes both commercial rules that we get from a security corporation and custom-written ones which our admins include in case they find a threat that is not present inside the commercial list yet.
ModSecurity in VPS Hosting
ModSecurity is provided with all Hepsia-based virtual private servers which we offer and it'll be switched on automatically for any new domain or subdomain which you add on the machine. In this way, any web application that you install shall be secured from the very beginning without doing anything manually on your end. The firewall can be managed through the section of the CP which has the same name. This is the location in whichyou could disable ModSecurity or enable its passive mode, so it won't take any action against threats, but will still maintain a thorough log. The recorded info is available in the same section as well and you shall be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules we employ on our servers are a mixture between commercial ones that we get from a security firm and custom ones that are included by our staff to optimize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Web Hosting
All our dedicated servers which are installed with the Hepsia hosting CP include ModSecurity, so any program that you upload or install shall be properly secured from the very beginning and you won't have to worry about common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you shall find in the logs shall enable you to to secure your websites better - the IP address an attack came from, what site was attacked and exactly how, what ModSecurity rule was triggered, etcetera. With this information, you can see whether a website needs an update, whether you need to block IPs from accessing your web server, etcetera. In addition to the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones as well if they come across a new threat that is not yet included in the commercial bundle.