ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting plans which we provide and it will be switched on automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could switch on and deactivate it with only a mouse click or set it to detection mode, so it will keep a log of all attacks, but it will not do anything to stop them. The log for each of your Internet sites will feature detailed info including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and incorporate both commercial ones which we get from a third-party security company and custom ones our system administrators add in the event that they detect a new type of attacks. In this way, the Internet sites which you host here shall be a lot more protected with no action needed on your end.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting solutions and if you opt to host your websites with our company, there won't be anything special you'll have to do given that the firewall is switched on by default for all domains and subdomains which you add using your hosting Control Panel. If necessary, you can disable ModSecurity for a given Internet site or switch on the so-called detection mode in which case the firewall shall still operate and record data, but won't do anything to prevent possible attacks against your sites. Comprehensive logs shall be accessible inside your CP and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etcetera. We use two kinds of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones which our administrators often add to respond to newly identified threats promptly.
ModSecurity in Dedicated Servers Hosting
ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In the event that a web app does not work correctly, you can either turn off the firewall or set it to operate in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which could occur, but shall not take any action to stop it. The logs generated in passive or active mode will give you more details about the exact file which was attacked, the type of the attack and the IP it originated from, and so on. This information shall allow you to decide what measures you can take to increase the safety of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated constantly with a commercial pack from a third-party security company we work with, but occasionally our staff add their own rules too in the event that they identify a new potential threat.