ModSecurity in Cloud Web Hosting
ModSecurity comes by default with all cloud web hosting solutions which we offer and it will be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to activate and disable it with just a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to prevent them. The log for each of your websites will contain in-depth information such as the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and comprise of both commercial ones we get from a third-party security firm and custom ones that our system admins add in case that they detect a new kind of attacks. In this way, the sites you host here will be far more protected without any action required on your end.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting packages that we offer come with ModSecurity and since the firewall is switched on by default, any website you set up under a domain or a subdomain shall be protected right away. A separate section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to start and stop the firewall for any site or switch on a detection mode. With the latter, ModSecurity won't take any action, but it'll still recognize possible attacks and shall keep all data within a log as if it were completely active. The logs can be found in the exact same section of the Control Panel and they offer specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we use on our servers are a mix between commercial ones from a security firm and custom ones made by our system administrators. As a result, we provide greater security for your web apps as we can shield them from attacks even before security businesses release updates for brand new threats.
ModSecurity in Dedicated Web Hosting
ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the web server. In the event that a web app doesn't work adequately, you could either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any possible attack that could take place, but shall not take any action to stop it. The logs generated in passive or active mode will offer you additional details about the exact file which was attacked, the type of the attack and the IP address it originated from, etc. This data shall allow you to decide what measures you can take to increase the security of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we employ are updated regularly with a commercial bundle from a third-party security company we work with, but oftentimes our administrators include their own rules as well in the event that they discover a new potential threat.