ModSecurity in Shared Website Hosting
ModSecurity can be found with each shared website hosting package which we offer and it is activated by default for any domain or subdomain which you include through your Hepsia CP. In case it disrupts any of your applications or you'd like to disable it for any reason, you will be able to achieve that through the ModSecurity section of Hepsia with just a mouse click. You could also enable a passive mode, so the firewall will recognize possible attacks and maintain a log, but will not take any action. You can view detailed logs in the same section, including the IP address where the attack came from, what precisely the attacker attempted to do and at what time, what ModSecurity did, and so on. For optimum safety of our customers we use a set of commercial firewall rules mixed with custom ones that are included by our system administrators.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server solutions and if you choose to host your Internet sites with us, there will not be anything special you'll have to do as the firewall is switched on by default for all domains and subdomains that you add using your hosting Control Panel. If required, you'll be able to disable ModSecurity for a given website or enable the so-called detection mode in which case the firewall will still work and record information, but will not do anything to stop possible attacks on your sites. In depth logs shall be readily available inside your Control Panel and you shall be able to see what type of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, etcetera. We use two types of rules on our servers - commercial ones from a company that operates in the field of web security, and customized ones that our admins occasionally add to respond to newly found threats in a timely manner.
ModSecurity in VPS Servers
Security is very important to us, so we set up ModSecurity on all VPS servers that are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section within Hepsia and is activated automatically when you add a new domain or generate a subdomain, so you will not have to do anything personally. You shall also be able to deactivate it or switch on the so-called detection mode, so it'll keep a log of possible attacks that you can later study, but shall not block them. The logs in both passive and active modes offer information about the type of the attack and how it was eliminated, what IP address it came from and other useful data which could help you to tighten the security of your websites by updating them or blocking IPs, as an example. On top of the commercial rules we get for ModSecurity from a third-party security enterprise, we also implement our own rules as every now and then we identify specific attacks which aren't yet present within the commercial pack. That way, we can easily improve the security of your VPS right away instead of awaiting a certified update.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you will not have to do anything specific on your end to use it because it is switched on by default each time you include a new domain or subdomain on your server. If it disrupts some of your programs, you'll be able to stop it via the respective section of Hepsia, or you may leave it operating in passive mode, so it'll recognize attacks and will still maintain a log for them, but shall not block them. You'll be able to examine the logs later to determine what you can do to improve the protection of your sites since you'll find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity reacted, and so on. The rules we use are commercial, hence they are frequently updated by a security provider, but to be on the safe side, our admins also include custom rules once in a while as to react to any new threats they have identified.