ModSecurity in Cloud Website Hosting
We provide ModSecurity with all cloud website hosting packages, so your web apps will be resistant to harmful attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you'll be able to stop it through the respective section of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you shall find inside Hepsia are incredibly detailed and include information about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, etcetera. We use a group of commercial rules which are frequently updated, but sometimes our admins add custom rules as well so as to better protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
Any web application which you set up inside your new semi-dedicated hosting account will be protected by ModSecurity as the firewall is provided with all our hosting packages and is activated by default for any domain and subdomain which you include or create via your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated section in Hepsia where not only could you activate or deactivate it completely, but you could also switch on a passive mode, so the firewall will not stop anything, but it'll still keep a record of potential attacks. This requires only a click and you'll be able to view the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, etcetera. The firewall uses 2 sets of rules on our machines - a commercial one that we get from a third-party web security firm and a custom one that our admins update manually in order to respond to recently discovered threats immediately.
ModSecurity in VPS Web Hosting
Safety is extremely important to us, so we set up ModSecurity on all virtual private servers which are set up with the Hepsia CP by default. The firewall can be managed through a dedicated section inside Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you won't have to do anything personally. You'll also be able to deactivate it or switch on the so-called detection mode, so it shall maintain a log of possible attacks that you can later analyze, but shall not prevent them. The logs in both passive and active modes include information about the form of the attack and how it was prevented, what IP address it came from and other useful data that might help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security firm, we also employ our own rules as once in a while we discover specific attacks which aren't yet present within the commercial pack. This way, we can boost the security of your Virtual private server promptly instead of awaiting a certified update.
ModSecurity in Dedicated Servers Hosting
All our dedicated servers which are installed with the Hepsia hosting Control Panel include ModSecurity, so any application you upload or install will be secured from the very beginning and you won't need to stress about common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records details about intrusions, but does not take actions to stop them. What you shall find in the logs can allow you to to secure your websites better - the IP an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so on. With this data, you'll be able to see if an Internet site needs an update, if you ought to block IPs from accessing your server, etcetera. Aside from the third-party commercial security rules for ModSecurity which we use, our admins include custom ones too whenever they come across a new threat that's not yet in the commercial bundle.