ModSecurity in Dedicated Servers
ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the hosting server. In case that a web application doesn't function properly, you can either disable the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any potential attack which may take place, but will not take any action to stop it. The logs generated in passive or active mode will present you with additional details about the exact file which was attacked, the type of the attack and the IP address it originated from, and so forth. This info shall permit you to decide what actions you can take to boost the safety of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated constantly with a commercial pack from a third-party security provider we work with, but sometimes our admins add their own rules as well when they identify a new potential threat.