ModSecurity in Hosting
We offer ModSecurity with all hosting packages, so your Internet applications shall be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you'll be able to stop it using the respective area of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you'll discover in Hepsia are very detailed and offer data about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, etcetera. We employ a set of commercial rules which are constantly updated, but sometimes our admins include custom rules as well so as to better protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server packages and if you choose to host your sites with our company, there shall not be anything special you'll have to do given that the firewall is turned on by default for all domains and subdomains you add via your hosting CP. If necessary, you'll be able to disable ModSecurity for a certain site or switch on the so-called detection mode in which case the firewall will still work and record data, but will not do anything to prevent possible attacks on your Internet sites. Detailed logs will be available in your CP and you shall be able to see what type of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, and so on. We use two sorts of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom made ones that our admins sometimes add to respond to newly identified risks promptly.
ModSecurity in VPS Servers
Protection is essential to us, so we install ModSecurity on all VPS servers that are provided with the Hepsia CP by default. The firewall could be managed through a dedicated section inside Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you won't have to do anything by hand. You will also be able to disable it or activate the so-called detection mode, so it shall keep a log of possible attacks you can later examine, but will not block them. The logs in both passive and active modes include details regarding the kind of the attack and how it was eliminated, what IP address it came from and other useful info which may help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. Beyond the commercial rules which we get for ModSecurity from a third-party security firm, we also employ our own rules as occasionally we discover specific attacks which are not yet present inside the commercial pack. This way, we could boost the security of your VPS in a timely manner rather than awaiting an official update.
ModSecurity in Dedicated Servers
ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In the event that a web app doesn't operate correctly, you may either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any possible attack that might occur, but won't take any action to prevent it. The logs produced in active or passive mode will offer you more details about the exact file that was attacked, the form of the attack and the IP it came from, etcetera. This data shall allow you to decide what measures you can take to boost the protection of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial package from a third-party security enterprise we work with, but from time to time our administrators add their own rules also in the event that they find a new potential threat.