ModSecurity in Shared Web Hosting
ModSecurity is supplied with all shared web hosting web servers, so when you decide to host your Internet sites with our business, they'll be protected against a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you will need to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You shall be able to view detailed logs via your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the protection of our customers' websites very seriously, we use a group of commercial rules that we take from one of the leading companies that maintain this kind of rules. Our admins also add custom rules to ensure that your Internet sites will be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Servers
We have incorporated ModSecurity as a standard within all semi-dedicated server products, so your web apps shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall allow you to switch on or turn off the firewall for any Internet site with a click. You'll also be able to switch on a passive detection mode through which ModSecurity shall maintain a log of potential attacks without actually preventing them. The detailed logs contain the nature of the attack and what ModSecurity response this attack generated, where it originated from, etcetera. The list of rules which we use is constantly updated as to match any new threats that might appear on the Internet and it consists of both commercial rules that we get from a security business and custom-written ones that our admins add if they discover a threat that is not present inside the commercial list yet.
ModSecurity in VPS Servers
All VPS servers which are set up with the Hepsia Control Panel feature ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the machine, so there will not be anything special that you shall have to do to protect your websites. It shall take you a mouse click to stop ModSecurity if needed or to switch on its passive mode so that it records what goes on without taking any measures to stop intrusions. You shall be able to see the logs produced in active or passive mode from the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall used to handle it, etcetera. We use a mixture of commercial and custom rules so as to make sure that ModSecurity shall prevent as many risks as possible, hence boosting the security of your web programs as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain which you create on the hosting server. In the event that a web application does not function adequately, you may either disable the firewall or set it to work in passive mode. The second means that ModSecurity shall maintain a log of any potential attack that might happen, but will not take any action to prevent it. The logs produced in active or passive mode shall present you with more details about the exact file that was attacked, the form of the attack and the IP it originated from, and so forth. This info will enable you to choose what actions you can take to improve the safety of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated frequently with a commercial package from a third-party security provider we work with, but sometimes our administrators add their own rules also in the event that they find a new potential threat.