ModSecurity in Semi-dedicated Servers
Any web app which you install within your new semi-dedicated server account will be protected by ModSecurity because the firewall comes with all our hosting solutions and is turned on by default for any domain and subdomain that you include or create through your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated section within Hepsia where not only could you activate or deactivate it completely, but you could also activate a passive mode, so the firewall won't stop anything, but it will still maintain a record of possible attacks. This requires only a click and you'll be able to view the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, etc. The firewall uses two sets of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one that our admins update manually in order to respond to newly discovered threats as quickly as possible.
ModSecurity in Dedicated Servers
All our dedicated servers that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any app you upload or install will be protected from the very beginning and you'll not need to stress about common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you shall see in the logs can easily allow you to to secure your Internet sites better - the IP address an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, and so forth. With this info, you can see whether a site needs an update, if you ought to block IPs from accessing your web server, and so on. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well if they find a new threat that's not yet a part of the commercial bundle.