ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting packages, so your Internet apps shall be protected against harmful attacks. The firewall is switched on as standard for all domains and subdomains, but in case you would like, you'll be able to stop it using the respective area of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you'll find within Hepsia are incredibly detailed and feature data about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, and so forth. We employ a range of commercial rules which are frequently updated, but sometimes our admins include custom rules as well in order to efficiently protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
We've incorporated ModSecurity as a standard inside all semi-dedicated hosting packages, so your web applications shall be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will permit you to activate or disable the firewall for any Internet site with a click. You will also be able to turn on a passive detection mode with which ModSecurity will maintain a log of possible attacks without really stopping them. The thorough logs include the nature of the attack and what ModSecurity response that attack triggered, where it came from, and so on. The list of rules which we employ is frequently updated in order to match any new risks which may appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones that our admins include in case they find a threat that is not present within the commercial list yet.
ModSecurity in Dedicated Hosting
ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. In the event that a web app does not work adequately, you may either disable the firewall or set it to work in passive mode. The latter means that ModSecurity will keep a log of any possible attack that may occur, but shall not take any action to prevent it. The logs generated in passive or active mode will provide you with additional details about the exact file which was attacked, the form of the attack and the IP address it originated from, etcetera. This information will allow you to decide what actions you can take to enhance the protection of your websites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial package from a third-party security enterprise we work with, but sometimes our admins include their own rules as well in case they find a new potential threat.