ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting solutions, so your web apps shall be shielded from malicious attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you will be able to stop it via the respective area of your Hepsia CP. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you'll find inside Hepsia are quite detailed and include information about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etcetera. We employ a group of commercial rules which are often updated, but sometimes our admins include custom rules as well in order to efficiently protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server plans and if you opt to host your websites with our company, there shall not be anything special you will have to do as the firewall is turned on by default for all domains and subdomains which you include through your hosting CP. If necessary, you can disable ModSecurity for a particular site or turn on the so-called detection mode in which case the firewall will still operate and record data, but won't do anything to stop possible attacks against your websites. Comprehensive logs shall be available within your Control Panel and you will be able to see which kind of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, and so on. We use 2 sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones which our admins sometimes add to respond to newly found threats promptly.
ModSecurity in Dedicated Servers
ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. In the event that a web application doesn't function correctly, you could either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any possible attack which may happen, but shall not take any action to stop it. The logs created in passive or active mode shall present you with more details about the exact file which was attacked, the type of the attack and the IP it came from, and so forth. This data shall enable you to determine what steps you can take to improve the safety of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial package from a third-party security firm we work with, but oftentimes our administrators add their own rules too when they come across a new potential threat.