ModSecurity in Cloud Website Hosting
ModSecurity is supplied with all cloud website hosting servers, so if you opt to host your websites with our firm, they'll be protected against a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you will have to do on your end. You will be able to stop ModSecurity for any site if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You will be able to view comprehensive logs via your Hepsia Control Panel including the IP where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the security of our customers' Internet sites very seriously, we use a group of commercial rules which we take from one of the top companies which maintain this kind of rules. Our admins also add custom rules to make certain that your websites shall be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server solutions and if you choose to host your websites with our company, there won't be anything special you will have to do since the firewall is switched on by default for all domains and subdomains which you include through your hosting CP. If required, you'll be able to disable ModSecurity for a particular site or switch on the so-called detection mode in which case the firewall shall still function and record info, but won't do anything to stop potential attacks on your websites. In depth logs will be available inside your Control Panel and you shall be able to see what sort of attacks took place, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so on. We use 2 kinds of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom made ones which our administrators occasionally include to respond to newly identified risks promptly.
ModSecurity in VPS Servers
Safety is extremely important to us, so we install ModSecurity on all VPS servers which are made available with the Hepsia Control Panel by default. The firewall can be managed via a dedicated section inside Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you won't have to do anything by hand. You will also be able to deactivate it or activate the so-called detection mode, so it shall keep a log of possible attacks which you can later analyze, but will not block them. The logs in both passive and active modes include details about the kind of the attack and how it was eliminated, what IP address it originated from and other important information which might help you to tighten the security of your sites by updating them or blocking IPs, for instance. Besides the commercial rules we get for ModSecurity from a third-party security company, we also use our own rules because occasionally we discover specific attacks that aren't yet present inside the commercial package. This way, we could improve the protection of your VPS in a timely manner rather than waiting for an official update.
ModSecurity in Dedicated Servers
All our dedicated servers that are installed with the Hepsia hosting Control Panel include ModSecurity, so any application that you upload or set up shall be secured from the very beginning and you won't have to concern yourself with common attacks or vulnerabilities. A separate section in Hepsia will permit you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you'll see in the logs can easily help you to secure your websites better - the IP address an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this information, you could see if a website needs an update, whether you ought to block IPs from accessing your hosting server, etc. On top of the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well when they come across a new threat which is not yet in the commercial bundle.