ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting packages, so your web applications shall be resistant to harmful attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you shall be able to stop it using the respective section of your Hepsia CP. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you will find inside Hepsia are quite detailed and include info about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, and so on. We use a set of commercial rules that are regularly updated, but sometimes our admins add custom rules as well in order to efficiently protect the websites hosted on our servers.
ModSecurity in Dedicated Hosting
ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the server. Just in case that a web app does not work correctly, you may either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any possible attack that could take place, but will not take any action to stop it. The logs produced in active or passive mode will offer you more details about the exact file which was attacked, the form of the attack and the IP it came from, etc. This data shall allow you to determine what measures you can take to enhance the security of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial pack from a third-party security provider we work with, but sometimes our administrators include their own rules too in case they identify a new potential threat.