ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting packages, so your web applications shall be resistant to destructive attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you shall be able to stop it through the respective part of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you shall discover inside Hepsia are quite detailed and feature info about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, and so forth. We use a range of commercial rules which are regularly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity as a standard within all semi-dedicated server plans, so your web applications shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any site with a click. You'll also be able to turn on a passive detection mode with which ModSecurity will maintain a log of potential attacks without really preventing them. The detailed logs include the nature of the attack and what ModSecurity response this attack generated, where it came from, etc. The list of rules that we use is regularly updated in order to match any new risks that could appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones that our administrators include in the event that they discover a threat that is not present in the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers that are offered with the Hepsia hosting Control Panel, so your web programs will be protected from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if required, you can disable it with a click of your mouse via the corresponding section of Hepsia. You could also set it to function in detection mode, so it'll keep an extensive log of any potential attacks without taking any action to prevent them. The logs can be found within the exact same section and offer information regarding the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For optimum security, we employ not just commercial rules from a firm working in the field of web security, but also custom ones our administrators add personally so as to react to new risks which are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers
All our dedicated servers that are set up with the Hepsia hosting CP include ModSecurity, so any application that you upload or install shall be protected from the very beginning and you will not have to bother about common attacks or vulnerabilities. An independent section within Hepsia will allow you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records information about intrusions, but does not take actions to prevent them. What you shall find in the logs can enable you to to secure your sites better - the IP address an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this information, you can see whether a website needs an update, if you ought to block IPs from accessing your hosting server, and so on. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well when they find a new threat that is not yet in the commercial bundle.