ModSecurity in Website Hosting
ModSecurity can be found with each website hosting solution that we provide and it's activated by default for any domain or subdomain that you add through your Hepsia Control Panel. In case it interferes with any of your applications or you'd like to disable it for some reason, you shall be able to do this through the ModSecurity area of Hepsia with merely a mouse click. You can also activate a passive mode, so the firewall will detect possible attacks and keep a log, but will not take any action. You could view detailed logs in the exact same section, including the IP where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etc. For maximum security of our clients we use a collection of commercial firewall rules blended with custom ones which are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
We have incorporated ModSecurity as a standard in all semi-dedicated server packages, so your web applications will be protected the instant you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall allow you to activate or turn off the firewall for any Internet site with a click. You will also have the ability to activate a passive detection mode in which ModSecurity will keep a log of possible attacks without really stopping them. The detailed logs contain the nature of the attack and what ModSecurity response that attack triggered, where it came from, and so on. The list of rules that we use is constantly updated as to match any new threats that could appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones which our admins include in the event that they discover a threat that is not present within the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers that are offered with the Hepsia hosting CP, so your web programs shall be protected from the moment your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you can disable it with a mouse click from the corresponding section of Hepsia. You could also set it to function in detection mode, so it will keep a detailed log of any potential attacks without taking any action to prevent them. The logs are available in the very same section and offer information about the nature of the attack, what IP address it originated from and what ModSecurity rule was triggered to stop it. For best security, we use not just commercial rules from a company operating in the field of web security, but also custom ones that our administrators add manually in order to react to new threats that are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
If you opt to host your sites on a dedicated server with the Hepsia CP, your web apps shall be secured right away since ModSecurity is supplied with all Hepsia-based packages. You'll be able to manage the firewall effortlessly and if necessary, you will be able to turn it off or enable its passive mode when it shall only keep a log of what is happening without taking any action to prevent potential attacks. The logs that you can find in the same section of the Control Panel are really detailed and include info about the attacker IP, what website and file were attacked and in what way, what rule the firewall employed to stop the intrusion, etc. This info shall permit you to take measures and improve the protection of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our staff add whenever they recognize attacks which have not yet been included in the commercial pack.