ModSecurity in Hosting
ModSecurity can be found with each hosting package that we offer and it is turned on by default for every domain or subdomain that you add through your Hepsia CP. If it interferes with any of your apps or you'd like to disable it for whatever reason, you will be able to do this through the ModSecurity area of Hepsia with only a mouse click. You could also enable a passive mode, so the firewall will detect possible attacks and keep a log, but will not take any action. You could view extensive logs in the very same section, including the IP address where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, and so on. For maximum protection of our clients we use a set of commercial firewall rules combined with custom ones that are added by our system administrators.
ModSecurity in Semi-dedicated Servers
We've integrated ModSecurity as a standard within all semi-dedicated server products, so your web applications shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts will allow you to enable or turn off the firewall for any site with a click. You will also be able to turn on a passive detection mode through which ModSecurity shall maintain a log of possible attacks without actually preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it originated from, and so on. The list of rules we employ is constantly updated as to match any new risks which could appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones which our administrators add if they find a threat which is not present in the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers that we offer and it will be switched on automatically for any new domain or subdomain you include on the server. That way, any web app you install will be secured right away without doing anything by hand on your end. The firewall could be handled through the section of the Control Panel that bears the same name. This is the location in whichyou can switch off ModSecurity or let its passive mode, so it won't take any action against threats, but shall still maintain a detailed log. The recorded data is available in the same section as well and you will be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we employ on our servers are a mix between commercial ones that we get from a security company and custom ones that are added by our administrators to enhance the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain which you create on the hosting server. Just in case that a web app doesn't operate correctly, you may either disable the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which may occur, but won't take any action to stop it. The logs created in active or passive mode shall offer you additional details about the exact file that was attacked, the nature of the attack and the IP address it originated from, etcetera. This data will permit you to decide what steps you can take to enhance the protection of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated frequently with a commercial package from a third-party security firm we work with, but occasionally our staff include their own rules also in the event that they discover a new potential threat.