ModSecurity in Cloud Hosting
ModSecurity is available on all cloud hosting servers, so when you choose to host your Internet sites with our business, they'll be resistant to a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you will have to do on your end. You will be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You shall be able to view detailed logs through your Hepsia CP including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the security of our customers' sites seriously, we employ a collection of commercial rules which we get from one of the leading firms that maintain this kind of rules. Our admins also add custom rules to ensure that your sites will be resistant to as many threats as possible.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting plans that we offer include ModSecurity and because the firewall is switched on by default, any site which you set up under a domain or a subdomain shall be secured right away. An individual section in the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will enable you to start and stop the firewall for any Internet site or enable a detection mode. With the latter, ModSecurity will not take any action, but it will still recognize possible attacks and will keep all data inside a log as if it were 100% active. The logs can be found within the exact same section of the CP and they offer information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules which we use on our servers are a mix between commercial ones from a security firm and custom ones made by our system administrators. For that reason, we provide increased security for your web applications as we can protect them from attacks even before security companies release updates for new threats.
ModSecurity in Dedicated Hosting
ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the hosting server. In case that a web app doesn't operate correctly, you could either disable the firewall or set it to work in passive mode. The second means that ModSecurity will maintain a log of any possible attack that could occur, but shall not take any action to stop it. The logs generated in passive or active mode shall present you with additional details about the exact file that was attacked, the nature of the attack and the IP address it originated from, and so forth. This information will allow you to decide what measures you can take to improve the safety of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated regularly with a commercial package from a third-party security company we work with, but sometimes our admins add their own rules as well if they find a new potential threat.