ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server packages and if you decide to host your sites with us, there won't be anything special you will have to do since the firewall is switched on by default for all domains and subdomains which you include via your hosting CP. If necessary, you'll be able to disable ModSecurity for a particular website or enable the so-called detection mode in which case the firewall shall still function and record info, but will not do anything to prevent possible attacks on your Internet sites. Detailed logs shall be accessible in your Control Panel and you will be able to see which kind of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, etcetera. We employ 2 sorts of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones which our administrators sometimes add to respond to newly identified threats promptly.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers which we offer and it will be turned on automatically for any new domain or subdomain that you include on the machine. That way, any web application you install shall be secured immediately without doing anything manually on your end. The firewall could be managed through the section of the CP that has the same name. This is the area in whichyou'll be able to switch off ModSecurity or activate its passive mode, so it shall not take any action toward threats, but will still keep a detailed log. The recorded data is available inside the same area as well and you shall be able to see what IPs any attacks originated from so that you can block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules which we employ on our servers are a mix between commercial ones we obtain from a security organization and custom ones that are added by our administrators to optimize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In case that a web app does not function adequately, you may either switch off the firewall or set it to work in passive mode. The latter means that ModSecurity shall maintain a log of any possible attack that may take place, but won't take any action to prevent it. The logs generated in passive or active mode shall present you with more details about the exact file that was attacked, the nature of the attack and the IP it came from, and so forth. This info will allow you to decide what steps you can take to increase the security of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated often with a commercial package from a third-party security enterprise we work with, but sometimes our administrators add their own rules as well in case they identify a new potential threat.