ModSecurity in Web Hosting
ModSecurity is available with each and every web hosting package that we provide and it is activated by default for any domain or subdomain which you add through your Hepsia Control Panel. In the event that it disrupts any of your applications or you'd like to disable it for any reason, you shall be able to achieve that through the ModSecurity area of Hepsia with merely a click. You may also use a passive mode, so the firewall will detect potential attacks and maintain a log, but will not take any action. You'll be able to view extensive logs in the exact same section, including the IP address where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so forth. For optimum protection of our clients we use a set of commercial firewall rules blended with custom ones which are provided by our system administrators.
ModSecurity in Dedicated Servers Hosting
ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the server. In case that a web app doesn't work correctly, you may either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any possible attack which could take place, but shall not take any action to prevent it. The logs created in passive or active mode will give you more details about the exact file that was attacked, the type of the attack and the IP address it came from, and so on. This info will enable you to determine what measures you can take to improve the safety of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated often with a commercial bundle from a third-party security enterprise we work with, but oftentimes our administrators include their own rules also in case they discover a new potential threat.