ModSecurity in Shared Web Hosting
ModSecurity is supplied with all shared web hosting web servers, so when you decide to host your websites with our business, they will be protected against a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You will be able to view detailed logs via your Hepsia CP including the IP address where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the security of our clients' Internet sites seriously, we use a set of commercial rules which we take from one of the leading firms that maintain this sort of rules. Our admins also include custom rules to make sure that your Internet sites will be protected against as many threats as possible.
ModSecurity in Semi-dedicated Servers
We've incorporated ModSecurity as a standard in all semi-dedicated server products, so your web applications will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will allow you to switch on or disable the firewall for any Internet site with a mouse click. You will also be able to activate a passive detection mode with which ModSecurity shall maintain a log of possible attacks without really preventing them. The comprehensive logs include things like the nature of the attack and what ModSecurity response this attack generated, where it came from, and so on. The list of rules which we employ is regularly updated as to match any new risks that might appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones which our administrators include if they find a threat that is not present in the commercial list yet.
ModSecurity in VPS Servers
All VPS servers that are offered with the Hepsia Control Panel come with ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the server, so there will not be anything special which you'll need to do to protect your websites. It shall take you simply a click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any measures to stop intrusions. You shall be able to see the logs created in passive or active mode through the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall used to tackle it, and so on. We employ a combination of commercial and custom rules in order to ensure that ModSecurity will prevent as many threats as possible, consequently enhancing the security of your web apps as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain that you create on the web server. In case that a web application does not work adequately, you may either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any possible attack that may happen, but will not take any action to prevent it. The logs generated in passive or active mode shall present you with more details about the exact file that was attacked, the type of the attack and the IP address it came from, etc. This information shall enable you to determine what steps you can take to increase the security of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated frequently with a commercial package from a third-party security firm we work with, but oftentimes our administrators include their own rules too if they discover a new potential threat.