ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting plans, so your Internet apps will be shielded from harmful attacks. The firewall is turned on by default for all domains and subdomains, but if you would like, you shall be able to stop it through the respective section of your Hepsia CP. You could also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you shall find inside Hepsia are extremely detailed and feature data about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, etcetera. We use a group of commercial rules that are constantly updated, but sometimes our admins include custom rules as well in order to efficiently protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server packages that we offer come with ModSecurity and given that the firewall is switched on by default, any Internet site that you set up under a domain or a subdomain shall be protected immediately. An individual section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to start and stop the firewall for any website or enable a detection mode. With the latter, ModSecurity will not take any action, but it'll still recognize possible attacks and will keep all information within a log as if it were fully active. The logs could be found inside the same section of the CP and they include specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules we use on our machines are a mix of commercial ones from a security firm and custom ones made by our system administrators. Consequently, we offer higher security for your web programs as we can shield them from attacks even before security corporations release updates for completely new threats.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers we offer and it shall be switched on automatically for every new domain or subdomain you add on the hosting server. In this way, any web app which you install will be protected immediately without doing anything by hand on your end. The firewall may be handled through the section of the Control Panel that has the same name. This is the location in whichyou can disable ModSecurity or enable its passive mode, so it shall not take any action towards threats, but shall still keep a detailed log. The recorded info is available inside the same area as well and you'll be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we employ on our servers are a blend between commercial ones that we obtain from a security company and custom ones which are included by our staff to optimize the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
All of our dedicated servers which are set up with the Hepsia hosting Control Panel include ModSecurity, so any application which you upload or set up shall be secured from the very beginning and you'll not have to bother about common attacks or vulnerabilities. A separate section in Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or turn on a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you shall find in the logs can help you to secure your sites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this information, you could see if a site needs an update, whether you need to block IPs from accessing your hosting server, and so forth. Besides the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well every time they discover a new threat that's not yet a part of the commercial bundle.