ModSecurity in Shared Hosting
ModSecurity is offered with each shared hosting solution that we offer and it's turned on by default for every domain or subdomain which you include via your Hepsia Control Panel. If it disrupts any of your apps or you would like to disable it for some reason, you will be able to achieve that through the ModSecurity section of Hepsia with only a mouse click. You may also activate a passive mode, so the firewall will discover possible attacks and maintain a log, but won't take any action. You can view detailed logs in the very same section, including the IP address where the attack came from, what exactly the attacker tried to do and at what time, what ModSecurity did, etc. For maximum protection of our clients we use a group of commercial firewall rules mixed with custom ones which are provided by our system administrators.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting plans which we offer come with ModSecurity and given that the firewall is turned on by default, any site you create under a domain or a subdomain shall be secured right from the start. A separate section in the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall permit you to start and stop the firewall for any website or enable a detection mode. With the last mentioned, ModSecurity won't take any action, but it will still detect possible attacks and will keep all information inside a log as if it were fully active. The logs could be found inside the same section of the Control Panel and they feature specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules we employ on our machines are a mix of commercial ones from a security business and custom ones made by our system administrators. Consequently, we offer increased security for your web apps as we can defend them from attacks before security corporations release updates for brand new threats.
ModSecurity in Dedicated Hosting
ModSecurity is available by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain which you create on the server. In the event that a web application doesn't work properly, you could either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any potential attack that could happen, but won't take any action to stop it. The logs generated in active or passive mode shall offer you additional details about the exact file that was attacked, the type of the attack and the IP it came from, etc. This information shall allow you to decide what steps you can take to increase the safety of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated often with a commercial pack from a third-party security company we work with, but from time to time our administrators include their own rules as well if they come across a new potential threat.