ModSecurity in Cloud Web Hosting
ModSecurity comes standard with all cloud web hosting solutions which we provide and it'll be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you can activate and deactivate it with just a click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to stop them. The log for each of your sites shall include elaborate info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are frequently updated and include both commercial ones which we get from a third-party security firm and custom ones that our system administrators add in the event that they detect a new type of attacks. This way, the websites which you host here will be a lot more secure without any action needed on your end.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting solutions and if you decide to host your websites with our company, there won't be anything special you'll have to do as the firewall is activated by default for all domains and subdomains which you include via your hosting Control Panel. If required, you'll be able to disable ModSecurity for a particular Internet site or turn on the so-called detection mode in which case the firewall will still operate and record data, but shall not do anything to prevent possible attacks on your sites. Detailed logs will be accessible inside your CP and you'll be able to see which kind of attacks took place, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, etcetera. We use two sorts of rules on our servers - commercial ones from an organization that operates in the field of web security, and customized ones that our administrators often add to respond to newly identified threats in a timely manner.
ModSecurity in VPS Web Hosting
ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it shall be switched on automatically for every new domain or subdomain which you include on the hosting server. This way, any web app which you install will be secured right from the start without doing anything manually on your end. The firewall may be managed through the section of the Control Panel that has the same name. This is the place whereyou can turn off ModSecurity or let its passive mode, so it will not take any action towards threats, but will still keep a thorough log. The recorded information is available in the same area as well and you'll be able to see what IPs any attacks came from so that you stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules we employ on our servers are a mixture between commercial ones which we obtain from a security company and custom ones which are added by our admins to optimize the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers Hosting
All our dedicated servers that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any app you upload or set up will be properly secured from the very beginning and you'll not need to concern yourself with common attacks or vulnerabilities. A separate section within Hepsia will allow you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you'll discover in the logs can allow you to to secure your websites better - the IP an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this info, you could see whether a site needs an update, if you should block IPs from accessing your web server, etc. On top of the third-party commercial security rules for ModSecurity we use, our admins include custom ones too if they discover a new threat that's not yet a part of the commercial bundle.