ModSecurity in Shared Hosting
ModSecurity is supplied with all shared hosting servers, so when you choose to host your Internet sites with our organization, they'll be protected against a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any Internet site if needed, or to switch on a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You'll be able to view specific logs from your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the security of our clients' websites very seriously, we use a set of commercial rules which we get from one of the best companies which maintain this sort of rules. Our administrators also add custom rules to make sure that your websites shall be shielded from as many threats as possible.
ModSecurity in Semi-dedicated Servers
We have integrated ModSecurity as a standard inside all semi-dedicated server plans, so your web applications will be protected whenever you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will permit you to enable or disable the firewall for any site with a mouse click. You'll also be able to activate a passive detection mode in which ModSecurity shall maintain a log of potential attacks without actually stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response that attack triggered, where it originated from, etc. The list of rules we use is regularly updated in order to match any new risks which could appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones that our administrators include if they discover a threat which is not present inside the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers which we offer and it shall be turned on automatically for every new domain or subdomain which you add on the server. This way, any web application that you install will be secured immediately without doing anything by hand on your end. The firewall could be handled through the section of the CP which bears the same name. This is the location in whichyou could switch off ModSecurity or let its passive mode, so it won't take any action towards threats, but will still maintain a detailed log. The recorded information is available within the same section as well and you will be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules which we employ on our servers are a combination between commercial ones we get from a security company and custom ones which are added by our administrators to optimize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
All our dedicated servers which are installed with the Hepsia hosting Control Panel come with ModSecurity, so any application that you upload or set up shall be protected from the very beginning and you will not need to concern yourself with common attacks or vulnerabilities. A separate section within Hepsia will permit you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you shall discover in the logs can help you to secure your sites better - the IP an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this information, you could see whether an Internet site needs an update, if you should block IPs from accessing your web server, and so forth. Besides the third-party commercial security rules for ModSecurity which we use, our admins add custom ones as well every time they discover a new threat which is not yet included in the commercial bundle.