ModSecurity in Cloud Hosting
ModSecurity is offered with each and every cloud hosting package which we provide and it's activated by default for any domain or subdomain that you add via your Hepsia Control Panel. If it interferes with any of your programs or you'd like to disable it for any reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with just a click. You could also activate a passive mode, so the firewall will detect potential attacks and maintain a log, but won't take any action. You can view comprehensive logs in the same section, including the IP where the attack came from, what precisely the attacker tried to do and at what time, what ModSecurity did, etc. For max security of our customers we use a collection of commercial firewall rules combined with custom ones which are provided by our system administrators.
ModSecurity in Semi-dedicated Hosting
We've integrated ModSecurity as a standard within all semi-dedicated hosting plans, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will allow you to enable or turn off the firewall for any site with a click. You will also be able to switch on a passive detection mode in which ModSecurity will keep a log of potential attacks without really stopping them. The detailed logs contain the nature of the attack and what ModSecurity response this attack caused, where it came from, etcetera. The list of rules which we employ is regularly updated as to match any new threats which might appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones which our administrators add in the event that they find a threat which is not present in the commercial list yet.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided with all dedicated servers which are integrated with our Hepsia Control Panel and you won't need to do anything specific on your end to use it because it's turned on by default each time you add a new domain or subdomain on your server. If it interferes with any of your applications, you will be able to stop it through the respective section of Hepsia, or you could leave it in passive mode, so it will recognize attacks and shall still maintain a log for them, but shall not block them. You can look at the logs later to find out what you can do to enhance the safety of your sites since you shall find info such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, etcetera. The rules that we use are commercial, thus they are regularly updated by a security firm, but to be on the safe side, our staff also include custom rules occasionally in order to deal with any new threats they have identified.