ModSecurity in Cloud Hosting
ModSecurity can be found with every cloud hosting plan which we offer and it's activated by default for every domain or subdomain which you add through your Hepsia Control Panel. If it interferes with any of your apps or you'd like to disable it for some reason, you'll be able to do that through the ModSecurity section of Hepsia with merely a mouse click. You can also enable a passive mode, so the firewall will identify possible attacks and maintain a log, but shall not take any action. You can see comprehensive logs in the same section, including the IP where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, and so on. For max safety of our clients we use a collection of commercial firewall rules mixed with custom ones that are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
We've integrated ModSecurity as a standard inside all semi-dedicated server packages, so your web applications shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any site with a mouse click. You will also be able to activate a passive detection mode in which ModSecurity shall keep a log of potential attacks without actually stopping them. The detailed logs contain the nature of the attack and what ModSecurity response that attack activated, where it came from, etc. The list of rules which we employ is regularly updated in order to match any new threats which might appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones that our admins add if they find a threat which is not present inside the commercial list yet.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers which are integrated with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it as it is enabled by default each time you include a new domain or subdomain on your web server. In the event that it interferes with any of your programs, you'll be able to stop it through the respective area of Hepsia, or you may leave it working in passive mode, so it'll identify attacks and shall still keep a log for them, but won't stop them. You may examine the logs later to find out what you can do to boost the safety of your sites as you'll find details such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity responded, etcetera. The rules that we employ are commercial, thus they're regularly updated by a security company, but to be on the safe side, our staff also add custom rules from time to time as to react to any new threats they have found.