ModSecurity in Cloud Hosting
ModSecurity is supplied with all cloud hosting web servers, so if you choose to host your Internet sites with our firm, they will be resistant to a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you shall need to do on your end. You will be able to stop ModSecurity for any website if necessary, or to activate a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view comprehensive logs from your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity handled the threat. As we take the protection of our clients' Internet sites seriously, we use a selection of commercial rules which we get from one of the leading firms that maintain this sort of rules. Our administrators also include custom rules to ensure that your sites will be protected against as many risks as possible.
ModSecurity in Semi-dedicated Servers
We've incorporated ModSecurity as a standard inside all semi-dedicated server packages, so your web apps will be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any Internet site with a mouse click. You will also have the ability to switch on a passive detection mode in which ModSecurity shall keep a log of possible attacks without actually stopping them. The detailed logs contain the nature of the attack and what ModSecurity response that attack caused, where it came from, etcetera. The list of rules which we use is constantly updated as to match any new threats that might appear on the Internet and it comes with both commercial rules that we get from a security firm and custom-written ones which our administrators add in case they find a threat that's not present inside the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting CP, so your web apps will be secured from the second your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if necessary, you could deactivate it with a mouse click from the corresponding section of Hepsia. You could also set it to work in detection mode, so it will keep a detailed log of any potential attacks without taking any action to prevent them. The logs can be found within the exact same section and offer details about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For optimum security, we use not simply commercial rules from a company operating in the field of web security, but also custom ones that our admins add personally so as to respond to new risks which are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain that you create on the server. Just in case that a web app does not operate adequately, you can either switch off the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any possible attack which might happen, but shall not take any action to stop it. The logs produced in passive or active mode shall give you more details about the exact file which was attacked, the nature of the attack and the IP it came from, etcetera. This data will permit you to determine what measures you can take to increase the safety of your Internet sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial package from a third-party security firm we work with, but sometimes our administrators include their own rules too in case they discover a new potential threat.