ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting plans which we supply and it shall be switched on automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you could switch on and disable it with only a click or set it to detection mode, so it'll maintain a log of all attacks, but it shall not do anything to stop them. The log for each of your websites shall contain in-depth information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules we use are frequently updated and comprise of both commercial ones which we get from a third-party security business and custom ones our system admins add in case that they detect a new type of attacks. This way, the sites you host here shall be a lot more protected without any action expected on your end.
ModSecurity in Semi-dedicated Hosting
We've integrated ModSecurity as a standard inside all semi-dedicated hosting plans, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will allow you to switch on or disable the firewall for any Internet site with a click. You'll also have the ability to activate a passive detection mode in which ModSecurity will maintain a log of potential attacks without actually preventing them. The thorough logs contain the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so on. The list of rules we employ is constantly updated as to match any new risks which might appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones which our administrators add in the event that they discover a threat that is not present within the commercial list yet.
ModSecurity in VPS
Safety is of the utmost importance to us, so we install ModSecurity on all virtual private servers that are made available with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section in Hepsia and is turned on automatically when you include a new domain or generate a subdomain, so you will not have to do anything by hand. You will also be able to deactivate it or switch on the so-called detection mode, so it will maintain a log of potential attacks which you can later examine, but won't prevent them. The logs in both passive and active modes include information regarding the kind of the attack and how it was prevented, what IP address it originated from and other valuable info which might help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. Besides the commercial rules that we get for ModSecurity from a third-party security company, we also implement our own rules as occasionally we find specific attacks that are not yet present within the commercial package. This way, we could boost the security of your VPS immediately as opposed to awaiting an official update.
ModSecurity in Dedicated Hosting
All our dedicated servers that are installed with the Hepsia hosting Control Panel come with ModSecurity, so any application you upload or install shall be properly secured from the very beginning and you will not have to bother about common attacks or vulnerabilities. An individual section inside Hepsia will allow you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you shall discover in the logs can easily allow you to to secure your sites better - the IP an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, and so forth. With this information, you could see whether a site needs an update, whether you need to block IPs from accessing your web server, and so on. Besides the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well if they find a new threat which is not yet included in the commercial bundle.