ModSecurity in Shared Website Hosting
ModSecurity is offered with each and every shared website hosting solution which we provide and it's activated by default for any domain or subdomain which you add through your Hepsia Control Panel. In the event that it interferes with any of your applications or you'd like to disable it for any reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with simply a click. You could also activate a passive mode, so the firewall will detect possible attacks and maintain a log, but shall not take any action. You could view comprehensive logs in the exact same section, including the IP where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so forth. For maximum safety of our clients we use a collection of commercial firewall rules blended with custom ones which are included by our system admins.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions which we offer come with ModSecurity and since the firewall is enabled by default, any Internet site that you create under a domain or a subdomain will be secured immediately. An individual section within the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll allow you to start and stop the firewall for any site or switch on a detection mode. With the latter, ModSecurity won't take any action, but it will still detect possible attacks and shall keep all info within a log as if it were 100% active. The logs can be found within the exact same section of the Control Panel and they include information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules we employ on our machines are a mix between commercial ones from a security business and custom ones made by our system admins. Consequently, we offer greater security for your web apps as we can shield them from attacks before security firms release updates for brand new threats.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers we offer and it'll be activated automatically for any new domain or subdomain which you add on the server. That way, any web application which you install shall be secured right from the start without doing anything manually on your end. The firewall could be managed from the section of the CP which has the same name. This is the place in whichyou can switch off ModSecurity or activate its passive mode, so it will not take any action toward threats, but shall still maintain a comprehensive log. The recorded info is available inside the same area as well and you shall be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules that we employ on our servers are a combination between commercial ones that we get from a security company and custom ones that are added by our staff to maximize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
All our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any application you upload or set up shall be protected from the very beginning and you won't have to stress about common attacks or vulnerabilities. An individual section in Hepsia will allow you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you shall find in the logs can allow you to to secure your Internet sites better - the IP an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, and so on. With this information, you could see whether a website needs an update, whether you ought to block IPs from accessing your server, and so forth. In addition to the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too when they come across a new threat that's not yet included in the commercial bundle.