ModSecurity in Semi-dedicated Servers
We have included ModSecurity by default in all semi-dedicated server plans, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will allow you to activate or turn off the firewall for any website with a mouse click. You'll also have the ability to activate a passive detection mode with which ModSecurity shall maintain a log of possible attacks without really stopping them. The thorough logs include the nature of the attack and what ModSecurity response that attack generated, where it originated from, and so forth. The list of rules that we employ is regularly updated as to match any new risks which might appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones that our administrators add in case they find a threat that's not present in the commercial list yet.
ModSecurity in Dedicated Servers
ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the server. In the event that a web app does not operate properly, you could either turn off the firewall or set it to operate in passive mode. The latter means that ModSecurity shall keep a log of any possible attack which could take place, but shall not take any action to stop it. The logs created in passive or active mode shall present you with more details about the exact file that was attacked, the type of the attack and the IP address it originated from, etcetera. This data will enable you to decide what steps you can take to boost the security of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial bundle from a third-party security company we work with, but occasionally our staff include their own rules as well in the event that they identify a new potential threat.