ModSecurity in Cloud Hosting
We provide ModSecurity with all cloud hosting solutions, so your web applications will be shielded from harmful attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you shall be able to stop it through the respective part of your Hepsia CP. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you shall discover within Hepsia are incredibly detailed and offer data about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, and so on. We use a group of commercial rules which are often updated, but sometimes our admins add custom rules as well so as to better protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
Any web application you install inside your new semi-dedicated server account will be protected by ModSecurity since the firewall is provided with all our hosting plans and is switched on by default for any domain and subdomain which you add or create through your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated section inside Hepsia where not simply can you activate or deactivate it entirely, but you could also switch on a passive mode, so the firewall shall not block anything, but it'll still keep a record of potential attacks. This requires only a click and you'll be able to look at the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, and so forth. The firewall employs 2 sets of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one which our administrators update personally as to respond to recently discovered risks immediately.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers we offer and it'll be turned on automatically for any new domain or subdomain that you include on the machine. That way, any web application which you install will be protected right away without doing anything personally on your end. The firewall can be managed via the section of the CP which bears the same name. This is the area whereyou can disable ModSecurity or let its passive mode, so it will not take any action against threats, but will still keep a detailed log. The recorded information is available inside the same section as well and you shall be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules which we employ on our servers are a mixture between commercial ones we get from a security firm and custom ones which are included by our admins to improve the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you'll not have to do anything specific on your end to employ it as it's activated by default whenever you add a new domain or subdomain on your web server. In the event that it disrupts some of your apps, you will be able to stop it via the respective part of Hepsia, or you could leave it in passive mode, so it'll recognize attacks and will still keep a log for them, but will not stop them. You could examine the logs later to find out what you can do to boost the protection of your Internet sites since you shall find info such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity reacted, etcetera. The rules which we use are commercial, thus they are constantly updated by a security firm, but to be on the safe side, our staff also include custom rules occasionally as to deal with any new threats they have identified.