ModSecurity in Cloud Web Hosting
ModSecurity is provided with all cloud web hosting servers, so when you decide to host your websites with our firm, they'll be shielded from a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you will need to do on your end. You shall be able to stop ModSecurity for any site if required, or to switch on a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You'll be able to view comprehensive logs through your Hepsia CP including the IP where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. As we take the security of our clients' websites seriously, we use a selection of commercial rules which we get from one of the best companies which maintain this type of rules. Our admins also add custom rules to make sure that your websites will be protected against as many threats as possible.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server packages and if you choose to host your sites with us, there won't be anything special you'll have to do given that the firewall is activated by default for all domains and subdomains which you add through your hosting CP. If needed, you could disable ModSecurity for a certain website or turn on the so-called detection mode in which case the firewall will still work and record information, but shall not do anything to stop potential attacks against your websites. In depth logs shall be readily available in your CP and you shall be able to see what type of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, etcetera. We employ two types of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom ones that our admins often include to respond to newly identified risks promptly.
ModSecurity in VPS Servers
Safety is vital to us, so we install ModSecurity on all VPS servers which are set up with the Hepsia CP by default. The firewall could be managed via a dedicated section within Hepsia and is activated automatically when you include a new domain or generate a subdomain, so you won't have to do anything by hand. You'll also be able to deactivate it or switch on the so-called detection mode, so it will maintain a log of potential attacks that you can later analyze, but will not prevent them. The logs in both passive and active modes contain information regarding the kind of the attack and how it was stopped, what IP it originated from and other valuable information which could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. In addition to the commercial rules which we get for ModSecurity from a third-party security company, we also use our own rules as every now and then we detect specific attacks that are not yet present in the commercial package. That way, we could increase the security of your VPS in a timely manner as opposed to awaiting an official update.
ModSecurity in Dedicated Servers
If you decide to host your sites on a dedicated server with the Hepsia Control Panel, your web programs will be secured immediately as ModSecurity is available with all Hepsia-based packages. You'll be able to regulate the firewall with ease and if necessary, you shall be able to turn it off or enable its passive mode when it shall only maintain a log of what is going on without taking any action to stop potential attacks. The logs which you can find within the same section of the Control Panel are incredibly detailed and feature data about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so on. This information shall enable you to take measures and enhance the protection of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our staff add whenever they recognize attacks which haven't yet been included inside the commercial pack.