ModSecurity in Cloud Web Hosting
ModSecurity comes by default with all cloud web hosting plans which we offer and it will be turned on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and deactivate it with a click or set it to detection mode, so it will keep a log of all attacks, but it will not do anything to stop them. The log for each of your websites will feature in-depth information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules we use are frequently updated and consist of both commercial ones we get from a third-party security business and custom ones our system admins add in case that they detect a new sort of attacks. In this way, the sites that you host here shall be way more protected without any action expected on your end.
ModSecurity in Semi-dedicated Servers
Any web app which you install inside your new semi-dedicated server account will be protected by ModSecurity since the firewall is provided with all our hosting plans and is switched on by default for any domain and subdomain that you add or create via your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated area inside Hepsia where not only could you activate or deactivate it entirely, but you can also activate a passive mode, so the firewall won't block anything, but it will still maintain an archive of potential attacks. This normally requires simply a click and you'll be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, etcetera. The firewall uses two groups of rules on our web servers - a commercial one which we get from a third-party web security company and a custom one which our administrators update manually as to respond to recently discovered risks as soon as possible.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you will not need to do anything specific on your end to use it as it is switched on by default each time you add a new domain or subdomain on your server. In case it interferes with some of your programs, you will be able to stop it through the respective part of Hepsia, or you could leave it in passive mode, so it shall detect attacks and shall still keep a log for them, but will not stop them. You'll be able to look at the logs later to find out what you can do to boost the security of your sites since you shall find information such as where an intrusion attempt came from, what Internet site was attacked and in accordance with what rule ModSecurity reacted, and so forth. The rules that we use are commercial, thus they're constantly updated by a security firm, but to be on the safe side, our administrators also add custom rules every now and then in order to react to any new threats they have discovered.