ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting solutions that we provide and it shall be turned on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you'll be able to activate and deactivate it with a click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to stop them. The log for any of your Internet sites will include elaborate info including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are regularly updated and include both commercial ones we get from a third-party security company and custom ones our system admins include in case that they detect a new kind of attacks. This way, the sites you host here shall be way more secure with no action required on your end.
ModSecurity in Semi-dedicated Hosting
Any web app that you set up inside your new semi-dedicated hosting account will be protected by ModSecurity since the firewall is included with all our hosting packages and is activated by default for any domain and subdomain which you add or create through your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated section inside Hepsia where not only can you activate or deactivate it fully, but you may also switch on a passive mode, so the firewall will not stop anything, but it will still keep a record of potential attacks. This requires only a click and you will be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, and so on. The firewall uses 2 groups of rules on our servers - a commercial one which we get from a third-party web security company and a custom one which our admins update personally as to respond to newly discovered risks immediately.
ModSecurity in VPS Hosting
Safety is of the utmost importance to us, so we set up ModSecurity on all virtual private servers that are made available with the Hepsia CP by default. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you'll not need to do anything personally. You shall also be able to disable it or activate the so-called detection mode, so it'll maintain a log of possible attacks you can later examine, but won't block them. The logs in both passive and active modes include details about the form of the attack and how it was stopped, what IP it originated from and other valuable data that could help you to tighten the security of your sites by updating them or blocking IPs, for example. Besides the commercial rules we get for ModSecurity from a third-party security firm, we also employ our own rules as every now and then we detect specific attacks which aren't yet present inside the commercial pack. That way, we can easily increase the protection of your Virtual private server in a timely manner rather than awaiting a certified update.
ModSecurity in Dedicated Web Hosting
All our dedicated servers which are installed with the Hepsia hosting Control Panel come with ModSecurity, so any app you upload or install shall be secured from the very beginning and you'll not need to concern yourself with common attacks or vulnerabilities. An individual section within Hepsia will permit you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you will see in the logs can enable you to to secure your Internet sites better - the IP an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this data, you can see if a site needs an update, if you need to block IPs from accessing your web server, etc. Aside from the third-party commercial security rules for ModSecurity we use, our administrators add custom ones too if they discover a new threat that's not yet included in the commercial bundle.