ModSecurity in Web Hosting
ModSecurity comes standard with all web hosting packages which we provide and it'll be activated automatically for any domain or subdomain that you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could switch on and deactivate it with simply a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it shall not do anything to prevent them. The log for each of your Internet sites shall include elaborate info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and include both commercial ones which we get from a third-party security business and custom ones our system administrators add in the event that they detect a new kind of attacks. This way, the websites you host here shall be much more secure with no action required on your end.
ModSecurity in Semi-dedicated Servers
Any web application which you install in your new semi-dedicated server account will be protected by ModSecurity because the firewall is included with all our hosting plans and is turned on by default for any domain and subdomain which you add or create through your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated area inside Hepsia where not simply could you activate or deactivate it completely, but you may also enable a passive mode, so the firewall will not stop anything, but it'll still maintain a record of possible attacks. This normally requires only a click and you shall be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was dealt with, etc. The firewall uses 2 groups of rules on our machines - a commercial one that we get from a third-party web security firm and a custom one which our admins update manually in order to respond to recently discovered threats as quickly as possible.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers that are provided with the Hepsia hosting CP, so your web applications shall be secured from the moment your server is in a position. The firewall is activated by default for any domain or subdomain on the VPS, but if needed, you could disable it with a click via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it shall keep a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found in the exact same section and provide details about the nature of the attack, what IP it originated from and what ModSecurity rule was initiated to stop it. For maximum security, we employ not just commercial rules from a business working in the field of web security, but also custom ones our administrators include personally in order to react to new risks which are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers which are set up with our Hepsia CP and you will not have to do anything specific on your end to use it since it is turned on by default each time you add a new domain or subdomain on your hosting server. In the event that it disrupts any of your apps, you'll be able to stop it via the respective part of Hepsia, or you could leave it operating in passive mode, so it shall recognize attacks and shall still maintain a log for them, but will not prevent them. You could analyze the logs later to determine what you can do to enhance the protection of your sites since you will find info such as where an intrusion attempt came from, what Internet site was attacked and in accordance with what rule ModSecurity responded, etcetera. The rules we use are commercial, therefore they are constantly updated by a security firm, but to be on the safe side, our admins also add custom rules every now and then in order to deal with any new threats they have found.