ModSecurity in Hosting
ModSecurity is available with each and every hosting solution which we offer and it's turned on by default for every domain or subdomain which you include via your Hepsia CP. In case it interferes with any of your programs or you would like to disable it for any reason, you will be able to accomplish that through the ModSecurity section of Hepsia with just a click. You may also use a passive mode, so the firewall will identify potential attacks and keep a log, but won't take any action. You can see detailed logs in the very same section, including the IP where the attack came from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so on. For optimum security of our clients we use a set of commercial firewall rules mixed with custom ones that are included by our system admins.
ModSecurity in Semi-dedicated Servers
Any web app that you install in your new semi-dedicated server account will be protected by ModSecurity since the firewall is provided with all our hosting plans and is activated by default for any domain and subdomain that you include or create through your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area within Hepsia where not simply can you activate or deactivate it entirely, but you may also enable a passive mode, so the firewall will not block anything, but it will still keep an archive of potential attacks. This requires simply a mouse click and you shall be able to see the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, etcetera. The firewall employs 2 sets of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one that our administrators update personally as to respond to newly discovered threats as soon as possible.
ModSecurity in VPS Servers
Safety is vital to us, so we set up ModSecurity on all VPS servers that are set up with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section inside Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you will not have to do anything by hand. You will also be able to disable it or turn on the so-called detection mode, so it shall keep a log of possible attacks you can later examine, but shall not stop them. The logs in both passive and active modes include information regarding the kind of the attack and how it was stopped, what IP it originated from and other important data which could help you to tighten the security of your sites by updating them or blocking IPs, as an example. On top of the commercial rules that we get for ModSecurity from a third-party security firm, we also implement our own rules because from time to time we find specific attacks which aren't yet present within the commercial package. This way, we could improve the security of your VPS promptly instead of waiting for an official update.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers which are integrated with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it since it's enabled by default whenever you add a new domain or subdomain on your server. If it interferes with any of your applications, you shall be able to stop it via the respective area of Hepsia, or you may leave it working in passive mode, so it shall identify attacks and shall still keep a log for them, but will not block them. You could look at the logs later to find out what you can do to boost the safety of your websites as you will find info such as where an intrusion attempt came from, what Internet site was attacked and based upon what rule ModSecurity responded, and so forth. The rules that we use are commercial, hence they're regularly updated by a security firm, but to be on the safe side, our administrators also include custom rules occasionally as to react to any new threats they have found.