ModSecurity in Web Hosting
ModSecurity comes standard with all web hosting packages that we offer and it'll be turned on automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has three different modes, so you could switch on and disable it with simply a click or set it to detection mode, so it will keep a log of all attacks, but it shall not do anything to stop them. The log for each of your sites shall include elaborate information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are regularly updated and consist of both commercial ones that we get from a third-party security firm and custom ones that our system administrators add in case that they detect a new sort of attacks. In this way, the sites you host here shall be far more protected with no action required on your end.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server packages that we offer come with ModSecurity and since the firewall is turned on by default, any website you create under a domain or a subdomain will be secured right away. A separate section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to start and stop the firewall for any Internet site or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it will still recognize possible attacks and shall keep all data in a log as if it were completely active. The logs can be found within the same section of the Control Panel and they feature information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules we use on our servers are a mix of commercial ones from a security firm and custom ones developed by our system admins. Consequently, we offer greater security for your web programs as we can protect them from attacks before security corporations release updates for new threats.
ModSecurity in VPS Servers
Protection is very important to us, so we install ModSecurity on all VPS servers which are made available with the Hepsia CP by default. The firewall could be managed via a dedicated section inside Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you will not have to do anything by hand. You shall also be able to deactivate it or switch on the so-called detection mode, so it will keep a log of possible attacks which you can later examine, but won't stop them. The logs in both passive and active modes offer info regarding the type of the attack and how it was stopped, what IP address it originated from and other useful information which might help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. Beyond the commercial rules that we get for ModSecurity from a third-party security company, we also use our own rules as once in a while we discover specific attacks which aren't yet present inside the commercial package. That way, we can easily improve the security of your Virtual private server in a timely manner as opposed to awaiting an official update.
ModSecurity in Dedicated Servers
When you opt to host your Internet sites on a dedicated server with the Hepsia CP, your web programs shall be protected straight away because ModSecurity is available with all Hepsia-based solutions. You will be able to manage the firewall effortlessly and if required, you will be able to turn it off or switch on its passive mode when it will only maintain a log of what's going on without taking any action to stop potential attacks. The logs which you'll find within the very same section of the CP are very detailed and contain information about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etc. This data will enable you to take measures and increase the protection of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins include when they identify attacks that haven't yet been included in the commercial pack.