ModSecurity in Cloud Hosting
ModSecurity comes standard with all cloud hosting solutions which we supply and it shall be switched on automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you can switch on and deactivate it with just a click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to stop them. The log for any of your sites shall contain in-depth info such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are frequently updated and consist of both commercial ones we get from a third-party security business and custom ones that our system administrators include in the event that they detect a new type of attacks. In this way, the Internet sites which you host here shall be much more protected with no action required on your end.
ModSecurity in VPS
ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting Control Panel, so your web apps will be secured from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if required, you could deactivate it with a click of your mouse from the corresponding section of Hepsia. You may also set it to work in detection mode, so it will maintain an extensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the same section and offer information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For maximum security, we use not just commercial rules from a company working in the field of web security, but also custom ones that our admins include personally so as to react to new risks which are still not tackled in the commercial rules.
ModSecurity in Dedicated Hosting
ModSecurity is included with all dedicated servers which are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it since it is activated by default every time you add a new domain or subdomain on your server. In case it disrupts some of your applications, you will be able to stop it via the respective area of Hepsia, or you may leave it in passive mode, so it shall recognize attacks and shall still maintain a log for them, but won't prevent them. You can look at the logs later to find out what you can do to improve the safety of your sites since you will find details such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity reacted, and so on. The rules we use are commercial, thus they're regularly updated by a security provider, but to be on the safe side, our staff also include custom rules occasionally as to respond to any new threats they have identified.