ModSecurity in Cloud Website Hosting
ModSecurity is available with each and every cloud website hosting solution which we offer and it's activated by default for any domain or subdomain that you add via your Hepsia CP. In case it interferes with any of your applications or you would like to disable it for whatever reason, you shall be able to do this through the ModSecurity section of Hepsia with merely a mouse click. You could also use a passive mode, so the firewall will identify possible attacks and maintain a log, but won't take any action. You could see extensive logs in the exact same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etc. For maximum security of our clients we use a collection of commercial firewall rules combined with custom ones which are included by our system administrators.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server solutions and if you decide to host your sites with our company, there shall not be anything special you will have to do as the firewall is switched on by default for all domains and subdomains you include via your hosting CP. If necessary, you can disable ModSecurity for a certain website or activate the so-called detection mode in which case the firewall will still function and record information, but shall not do anything to prevent possible attacks on your Internet sites. Detailed logs shall be readily available in your Control Panel and you shall be able to see what type of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, etc. We use two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom ones that our admins sometimes add to respond to newly identified threats in a timely manner.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers which we offer and it will be activated automatically for every new domain or subdomain which you include on the server. In this way, any web application you install will be secured immediately without doing anything manually on your end. The firewall may be handled through the section of the Control Panel that bears the same name. This is the location in whichyou'll be able to turn off ModSecurity or let its passive mode, so it will not take any action against threats, but will still maintain a detailed log. The recorded data is available in the same section as well and you shall be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we employ on our servers are a mixture between commercial ones which we get from a security company and custom ones which are included by our staff to enhance the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the hosting server. In the event that a web application does not work properly, you can either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any possible attack that may happen, but shall not take any action to stop it. The logs created in passive or active mode will give you more details about the exact file which was attacked, the nature of the attack and the IP address it originated from, etc. This data will enable you to decide what actions you can take to boost the safety of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated often with a commercial pack from a third-party security enterprise we work with, but from time to time our admins add their own rules also in case they identify a new potential threat.