ModSecurity in Web Hosting
ModSecurity is available with every single web hosting plan which we offer and it's switched on by default for any domain or subdomain which you include through your Hepsia Control Panel. In the event that it disrupts any of your programs or you would like to disable it for some reason, you will be able to do that through the ModSecurity section of Hepsia with merely a click. You may also activate a passive mode, so the firewall will discover possible attacks and keep a log, but won't take any action. You can see detailed logs in the same section, including the IP address where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so forth. For maximum security of our customers we use a group of commercial firewall rules mixed with custom ones which are added by our system administrators.
ModSecurity in VPS
Protection is vital to us, so we set up ModSecurity on all virtual private servers which are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section within Hepsia and is turned on automatically when you include a new domain or generate a subdomain, so you will not need to do anything manually. You will also be able to deactivate it or turn on the so-called detection mode, so it will maintain a log of possible attacks that you can later analyze, but won't block them. The logs in both passive and active modes offer info about the kind of the attack and how it was prevented, what IP it originated from and other useful data that could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. Beyond the commercial rules that we get for ModSecurity from a third-party security firm, we also employ our own rules as from time to time we discover specific attacks which aren't yet present inside the commercial pack. That way, we can easily boost the protection of your VPS in a timely manner as opposed to waiting for a certified update.