ModSecurity in Website Hosting
We offer ModSecurity with all website hosting plans, so your web apps shall be protected against harmful attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you will be able to stop it via the respective area of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you shall discover inside Hepsia are quite detailed and feature info about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etcetera. We employ a range of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well so as to better protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
We've integrated ModSecurity as a standard in all semi-dedicated server plans, so your web apps will be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will allow you to switch on or disable the firewall for any website with a click. You shall also have the ability to turn on a passive detection mode with which ModSecurity will maintain a log of potential attacks without actually stopping them. The thorough logs contain the nature of the attack and what ModSecurity response this attack activated, where it came from, etcetera. The list of rules that we use is regularly updated as to match any new threats that may appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones which our administrators add in case they find a threat that's not present in the commercial list yet.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers that are set up with our Hepsia CP and you'll not need to do anything specific on your end to use it because it is switched on by default each time you add a new domain or subdomain on your server. In the event that it interferes with any of your programs, you will be able to stop it through the respective area of Hepsia, or you could leave it operating in passive mode, so it shall identify attacks and will still maintain a log for them, but will not prevent them. You can analyze the logs later to determine what you can do to increase the security of your sites since you shall find info such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity reacted, etc. The rules which we use are commercial, thus they are regularly updated by a security firm, but to be on the safe side, our staff also add custom rules every now and then as to deal with any new threats they have found.