ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting solutions which we offer feature ModSecurity and given that the firewall is switched on by default, any Internet site you set up under a domain or a subdomain shall be secured immediately. A separate section within the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to stop and start the firewall for any website or enable a detection mode. With the last mentioned, ModSecurity shall not take any action, but it shall still identify possible attacks and will keep all info inside a log as if it were fully active. The logs can be found in the very same section of the CP and they include details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules that we employ on our servers are a mix between commercial ones from a security company and custom ones made by our system administrators. Consequently, we provide increased security for your web apps as we can protect them from attacks even before security businesses release updates for brand new threats.
ModSecurity in Dedicated Hosting
ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the server. Just in case that a web app does not work correctly, you may either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any possible attack that could take place, but will not take any action to stop it. The logs produced in active or passive mode will offer you more details about the exact file which was attacked, the form of the attack and the IP it came from, etc. This data shall allow you to determine what measures you can take to enhance the security of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial pack from a third-party security provider we work with, but sometimes our administrators include their own rules too in case they identify a new potential threat.