ModSecurity in Web Hosting
We offer ModSecurity with all web hosting solutions, so your web applications shall be shielded from malicious attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it via the respective area of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you will discover in Hepsia are quite detailed and offer info about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, etc. We use a group of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well in order to better protect the sites hosted on our servers.
ModSecurity in Dedicated Web Hosting
ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. Just in case that a web app does not function adequately, you may either switch off the firewall or set it to work in passive mode. The second means that ModSecurity will maintain a log of any potential attack which could happen, but will not take any action to prevent it. The logs generated in active or passive mode will provide you with additional details about the exact file that was attacked, the form of the attack and the IP address it originated from, etc. This data will allow you to determine what steps you can take to enhance the protection of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated often with a commercial package from a third-party security provider we work with, but sometimes our staff add their own rules as well in case they find a new potential threat.