ModSecurity in Website Hosting
ModSecurity is offered with every single website hosting solution that we provide and it's turned on by default for every domain or subdomain which you include through your Hepsia Control Panel. If it disrupts any of your programs or you would like to disable it for whatever reason, you shall be able to achieve that through the ModSecurity area of Hepsia with simply a click. You can also use a passive mode, so the firewall will identify potential attacks and maintain a log, but will not take any action. You'll be able to view extensive logs in the exact same section, including the IP address where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, etcetera. For max safety of our clients we use a group of commercial firewall rules blended with custom ones that are included by our system admins.
ModSecurity in Semi-dedicated Hosting
We've incorporated ModSecurity as a standard within all semi-dedicated hosting packages, so your web applications will be protected as soon as you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts will allow you to switch on or disable the firewall for any Internet site with a mouse click. You will also have the ability to activate a passive detection mode with which ModSecurity will maintain a log of possible attacks without really stopping them. The comprehensive logs include the nature of the attack and what ModSecurity response that attack triggered, where it originated from, etc. The list of rules we employ is regularly updated as to match any new risks that could appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our administrators add in case they discover a threat that is not present within the commercial list yet.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided with all dedicated servers which are set up with our Hepsia CP and you'll not need to do anything specific on your end to use it since it's turned on by default whenever you include a new domain or subdomain on your server. If it interferes with some of your apps, you'll be able to stop it through the respective section of Hepsia, or you can leave it in passive mode, so it will identify attacks and shall still maintain a log for them, but shall not prevent them. You can analyze the logs later to learn what you can do to increase the protection of your websites as you'll find details such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity reacted, etcetera. The rules we employ are commercial, therefore they're constantly updated by a security provider, but to be on the safe side, our administrators also add custom rules once in a while in order to respond to any new threats they have identified.