ModSecurity in Cloud Hosting
We provide ModSecurity with all cloud hosting solutions, so your Internet apps will be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you'll be able to stop it through the respective area of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you will discover within Hepsia are extremely detailed and feature info about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etcetera. We use a group of commercial rules that are frequently updated, but sometimes our admins add custom rules as well so as to efficiently protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
Any web application you install in your new semi-dedicated server account shall be protected by ModSecurity since the firewall comes with all our hosting packages and is switched on by default for any domain and subdomain which you add or create through your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated area in Hepsia where not only can you activate or deactivate it entirely, but you could also enable a passive mode, so the firewall won't block anything, but it shall still maintain an archive of possible attacks. This normally requires simply a mouse click and you shall be able to view the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, etc. The firewall uses two sets of rules on our web servers - a commercial one that we get from a third-party web security company and a custom one that our admins update manually in order to respond to newly discovered risks at the earliest opportunity.
ModSecurity in VPS Servers
Safety is vital to us, so we set up ModSecurity on all VPS servers which are set up with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you won't have to do anything manually. You shall also be able to deactivate it or turn on the so-called detection mode, so it will maintain a log of potential attacks that you can later study, but shall not stop them. The logs in both passive and active modes offer information regarding the type of the attack and how it was stopped, what IP it originated from and other useful data which may help you to tighten the security of your sites by updating them or blocking IPs, for instance. Beyond the commercial rules that we get for ModSecurity from a third-party security enterprise, we also employ our own rules as from time to time we identify specific attacks that are not yet present within the commercial pack. That way, we could improve the protection of your Virtual private server promptly instead of awaiting an official update.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you'll not have to do anything specific on your end to employ it as it's enabled by default each time you add a new domain or subdomain on your web server. In the event that it disrupts some of your applications, you will be able to stop it via the respective part of Hepsia, or you may leave it in passive mode, so it shall identify attacks and will still maintain a log for them, but shall not block them. You could analyze the logs later to find out what you can do to improve the protection of your Internet sites as you will find information such as where an intrusion attempt came from, what website was attacked and in accordance with what rule ModSecurity reacted, and so forth. The rules that we use are commercial, therefore they're regularly updated by a security company, but to be on the safe side, our administrators also add custom rules occasionally in order to react to any new threats they have discovered.