ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our semi-dedicated hosting plans and if you decide to host your Internet sites with our company, there shall not be anything special you'll have to do as the firewall is turned on by default for all domains and subdomains that you include through your hosting CP. If necessary, you'll be able to disable ModSecurity for a particular Internet site or enable the so-called detection mode in which case the firewall will still function and record data, but will not do anything to stop potential attacks against your websites. In depth logs will be readily available in your CP and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, and so forth. We use 2 kinds of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones that our admins often add to respond to newly found risks in a timely manner.
ModSecurity in VPS
ModSecurity is included with all Hepsia-based virtual private servers that we offer and it shall be switched on automatically for every new domain or subdomain that you add on the web server. In this way, any web app you install will be protected from the very beginning without doing anything by hand on your end. The firewall can be handled via the section of the CP which has the same name. This is the area in whichyou can turn off ModSecurity or activate its passive mode, so it won't take any action against threats, but shall still maintain a thorough log. The recorded data is available within the same section as well and you will be able to see what IPs any attacks came from so that you stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules we use on our servers are a mix between commercial ones we obtain from a security firm and custom ones that are included by our administrators to improve the protection of any web applications hosted on our end.
ModSecurity in Dedicated Hosting
All our dedicated servers which are set up with the Hepsia hosting CP include ModSecurity, so any app which you upload or install will be properly secured from the very beginning and you will not need to bother about common attacks or vulnerabilities. An individual section in Hepsia will permit you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you shall find in the logs can easily help you to secure your sites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this info, you can see whether a site needs an update, whether you should block IPs from accessing your server, and so forth. Besides the third-party commercial security rules for ModSecurity which we use, our admins include custom ones too whenever they discover a new threat that's not yet in the commercial bundle.