ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting plans which we supply and it'll be turned on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you can activate and disable it with only a click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to stop them. The log for any of your websites will feature comprehensive info such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules we use are regularly updated and consist of both commercial ones that we get from a third-party security company and custom ones which our system admins include in case that they detect a new kind of attacks. In this way, the sites you host here shall be way more secure with no action needed on your end.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions that we offer feature ModSecurity and because the firewall is enabled by default, any site that you set up under a domain or a subdomain shall be secured straight away. An individual section in the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll allow you to start and stop the firewall for any Internet site or activate a detection mode. With the last mentioned, ModSecurity shall not take any action, but it shall still identify possible attacks and will keep all information inside a log as if it were completely active. The logs could be found in the very same section of the Control Panel and they offer details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules we use on our servers are a mix between commercial ones from a security business and custom ones made by our system administrators. Therefore, we provide higher security for your web apps as we can defend them from attacks even before security firms release updates for new threats.
ModSecurity in VPS Servers
Protection is extremely important to us, so we set up ModSecurity on all VPS servers which are made available with the Hepsia CP as a standard. The firewall can be managed through a dedicated section within Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you'll not have to do anything personally. You'll also be able to disable it or switch on the so-called detection mode, so it'll maintain a log of potential attacks which you can later examine, but shall not prevent them. The logs in both passive and active modes include information regarding the type of the attack and how it was prevented, what IP it originated from and other important information which may help you to tighten the security of your websites by updating them or blocking IPs, as an example. In addition to the commercial rules we get for ModSecurity from a third-party security enterprise, we also use our own rules because occasionally we identify specific attacks that are not yet present in the commercial package. This way, we can easily increase the protection of your Virtual private server right away instead of awaiting a certified update.
ModSecurity in Dedicated Servers
All of our dedicated servers that are set up with the Hepsia hosting Control Panel include ModSecurity, so any app which you upload or install shall be properly secured from the very beginning and you'll not need to stress about common attacks or vulnerabilities. A separate section inside Hepsia will enable you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information about intrusions, but does not take actions to prevent them. What you shall find in the logs shall allow you to to secure your Internet sites better - the IP address an attack came from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this data, you can see if a website needs an update, whether you ought to block IPs from accessing your hosting server, etcetera. Aside from the third-party commercial security rules for ModSecurity that we use, our admins add custom ones too if they find a new threat which is not yet a part of the commercial bundle.