ModSecurity, or modsec, is an application firewall. The most common acronym is WAF , which comes from Web Application Firewall . Being more detailed, it allows you to monitor and control access to websites in real time.
Real-time security monitoring
ModSecurity provides access to the HTTP traffic stream in real time, adding the ability to inspect it. This enables real-time security monitoring. There is an additional dimension to what is possible through the persistent storage mechanism of ModSecurity, which allows you to trace system elements over time and perform event correlation.
HTTP Full Traffic Log
ModSecurity allows you to be able to record any information you need, including raw transaction data, which is essential for forensic analysis. In addition, you can choose which transactions are logged, which parts of a transaction are registered, and which parts are cleaned .
Graphic explanation of operation
Continuous passive safety evaluation
Security assessment is widely viewed as an active scheduled event, in which an independent team originates to attempt a simulated attack. Continuous passive safety assessment is a variation of real-time monitoring where, instead of focusing on the behavior of external parts, we focus on the behavior of the system itself. It is a type of alert system that detects traces of abnormalities and weaknesses before being exploited.
Web application hardening
One of the uses is the reduction of the attack surface. It does not restrict the HTTP resources it is willing to accept (for example, request methods, request headers, content types, etc.). ModSecurity helps enforce many similar constraints, either directly or through collaboration with other Apache modules. They all fall into the concept of hardening . For example, you can fix many session management issues as well as cross-site request spoofing vulnerabilities.
Now when we tell you that we have blocked an attack on your website / application through ModSecurity, you will no longer doubt that you have made a good choice when you host with DesiVPS