ModSecurity in Website Hosting
We offer ModSecurity with all website hosting solutions, so your web apps will be resistant to harmful attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you shall be able to stop it through the respective area of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you shall discover within Hepsia are quite detailed and feature data about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so on. We employ a group of commercial rules that are frequently updated, but sometimes our admins add custom rules as well in order to efficiently protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Servers
Any web app which you install within your new semi-dedicated server account shall be protected by ModSecurity as the firewall is included with all our hosting solutions and is activated by default for any domain and subdomain that you include or create using your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated section within Hepsia where not simply could you activate or deactivate it fully, but you can also switch on a passive mode, so the firewall shall not stop anything, but it will still maintain a record of possible attacks. This requires just a mouse click and you shall be able to see the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, etc. The firewall uses two groups of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one that our admins update manually as to respond to newly discovered threats as soon as possible.
ModSecurity in Dedicated Servers
ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain which you create on the web server. Just in case that a web app does not work correctly, you may either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which might happen, but won't take any action to prevent it. The logs created in active or passive mode will provide you with additional details about the exact file that was attacked, the type of the attack and the IP it originated from, etc. This data shall permit you to determine what measures you can take to boost the safety of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial bundle from a third-party security firm we work with, but from time to time our staff include their own rules too if they come across a new potential threat.