{"id":7143,"date":"2026-06-12T14:43:08","date_gmt":"2026-06-12T17:43:08","guid":{"rendered":"https:\/\/helpsysadmin.com.br\/blog\/?p=7143"},"modified":"2026-06-12T15:00:13","modified_gmt":"2026-06-12T18:00:13","slug":"modsecurity-no-directadmin","status":"publish","type":"post","link":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/","title":{"rendered":"ModSecurity no DirectAdmin: Guia Completo de Instala\u00e7\u00e3o, Configura\u00e7\u00e3o e Seguran\u00e7a"},"content":{"rendered":"<div id=\"helps-2362274204\" class=\"helps-before-content-2 helps-entity-placement\"><script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3661896953164277\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- 2anuncios display quadrado -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-3661896953164277\"\r\n     data-ad-slot=\"5051229894\"\r\n     data-ad-format=\"auto\"\r\n     data-full-width-responsive=\"true\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><\/div>\n<h2 id=\"h-introducao\" class=\"wp-block-heading\">Introdu\u00e7\u00e3o<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">A seguran\u00e7a de servidores <a href=\"https:\/\/helpsysadmin.com.br\/blog\/como-instalar-crowdsec\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Como instalar Crowdsec\" target=\"_blank\" rel=\"noopener\">Linux<\/a> \u00e9 uma preocupa\u00e7\u00e3o constante para administradores de sistemas, empresas de hospedagem e propriet\u00e1rios de sites. Com o crescimento dos ataques automatizados contra WordPress, Joomla, Magento, Laravel e outras aplica\u00e7\u00f5es web, tornou-se fundamental implementar camadas adicionais de prote\u00e7\u00e3o al\u00e9m do firewall tradicional.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u00c9 nesse cen\u00e1rio que o <strong>ModSecurity no DirectAdmin<\/strong> se destaca como uma das ferramentas mais importantes para proteger aplica\u00e7\u00f5es web contra ataques modernos. Trata-se de um Web Application Firewall (WAF) capaz de analisar requisi\u00e7\u00f5es HTTP em tempo real e bloquear atividades suspeitas antes que elas atinjam o site ou banco de dados.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Diferentemente de firewalls de rede convencionais, o <strong>ModSecurity no DirectAdmin<\/strong> entende o conte\u00fado das requisi\u00e7\u00f5es e consegue identificar padr\u00f5es de ataque extremamente sofisticados. Isso significa que tentativas de SQL Injection, Cross-Site Scripting (XSS), Command Injection e diversas outras amea\u00e7as podem ser bloqueadas automaticamente.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Neste guia completo voc\u00ea aprender\u00e1 tudo sobre o <strong>ModSecurity no DirectAdmin<\/strong>, desde a instala\u00e7\u00e3o at\u00e9 ajustes avan\u00e7ados de desempenho, tratamento de falsos positivos e integra\u00e7\u00e3o com outras ferramentas de seguran\u00e7a.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"h-o-que-e-modsecurity\" class=\"wp-block-heading\">O Que \u00e9 ModSecurity<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">O ModSecurity \u00e9 um firewall de aplica\u00e7\u00f5es web desenvolvido inicialmente para servidores Apache. Atualmente ele tamb\u00e9m suporta Nginx, LiteSpeed e OpenLiteSpeed.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Sua principal fun\u00e7\u00e3o \u00e9 monitorar e filtrar todo o tr\u00e1fego HTTP e HTTPS antes que a aplica\u00e7\u00e3o receba a requisi\u00e7\u00e3o.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Imagine que um invasor tente acessar:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>https:\/\/site.com\/index.php?id=1' OR '1'='1<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Sem prote\u00e7\u00e3o adequada, essa requisi\u00e7\u00e3o poderia explorar vulnerabilidades SQL Injection.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Com o <strong>ModSecurity no DirectAdmin<\/strong>, a requisi\u00e7\u00e3o \u00e9 analisada antes de chegar ao PHP ou banco de dados. Caso corresponda a uma assinatura de ataque conhecida, ela ser\u00e1 bloqueada imediatamente.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Essa abordagem reduz significativamente o risco de invas\u00f5es e comprometimento de dados.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"h-como-o-modsecurity-funciona\" class=\"wp-block-heading\">Como o ModSecurity Funciona<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">O funcionamento do <strong>ModSecurity no DirectAdmin<\/strong> pode ser dividido em v\u00e1rias etapas.<\/p>\n\n\n\n<h3 id=\"h-1-recebimento-da-requisicao\" class=\"wp-block-heading\">1. Recebimento da Requisi\u00e7\u00e3o<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">O visitante acessa um site hospedado no servidor.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Exemplo:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>https:&#47;&#47;dominio.com\/login.php<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">O Apache recebe a conex\u00e3o.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 id=\"h-2-analise-de-cabecalhos\" class=\"wp-block-heading\">2. An\u00e1lise de Cabe\u00e7alhos<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">O ModSecurity verifica:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>User-Agent<\/li>\n\n\n\n<li>Referer<\/li>\n\n\n\n<li>Cookies<\/li>\n\n\n\n<li>IP de origem<\/li>\n\n\n\n<li>M\u00e9todos HTTP<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Por exemplo, um User-Agent claramente malicioso pode ser bloqueado imediatamente.<\/p>\n\n\n\n<h3 id=\"h-3-analise-do-conteudo\" class=\"wp-block-heading\">3. An\u00e1lise do Conte\u00fado<\/h3>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\">O sistema verifica:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>URLs<\/li>\n\n\n\n<li>Campos de formul\u00e1rios<\/li>\n\n\n\n<li>Uploads<\/li>\n\n\n\n<li>Requisi\u00e7\u00f5es POST<\/li>\n\n\n\n<li>APIs REST<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 id=\"h-4-aplicacao-das-regras\" class=\"wp-block-heading\">4. Aplica\u00e7\u00e3o das Regras<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Cada requisi\u00e7\u00e3o \u00e9 comparada com milhares de regras.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Exemplo simplificado:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>SecRule ARGS \"@contains select\" \\<br>\"id:1001,deny,status:403\"<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Caso a regra seja acionada, a requisi\u00e7\u00e3o \u00e9 interrompida.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 id=\"h-5-registro-em-log\" class=\"wp-block-heading\">5. Registro em Log<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Todos os eventos s\u00e3o armazenados para an\u00e1lise posterior.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"h-beneficios-do-modsecurity-no-directadmin\" class=\"wp-block-heading\">Benef\u00edcios do ModSecurity no DirectAdmin<\/h2>\n\n\n\n<h3 id=\"h-protecao-contra-sql-injection\" class=\"wp-block-heading\">Prote\u00e7\u00e3o Contra SQL Injection<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">SQL Injection continua sendo uma das vulnerabilidades mais exploradas.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Exemplo de tentativa:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>' UNION SELECT username,password FROM users--<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">O <strong>ModSecurity no DirectAdmin<\/strong> identifica padr\u00f5es suspeitos e bloqueia automaticamente a a\u00e7\u00e3o.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 id=\"h-protecao-contra-xss\" class=\"wp-block-heading\">Prote\u00e7\u00e3o Contra XSS<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Ataques XSS tentam injetar JavaScript em p\u00e1ginas web.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Exemplo:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&lt;script&gt;alert('Ataque')&lt;\/script&gt;<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">A regra correspondente impede que o c\u00f3digo seja executado.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 id=\"h-protecao-contra-bots\" class=\"wp-block-heading\">Prote\u00e7\u00e3o Contra Bots<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Bots maliciosos realizam:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>For\u00e7a bruta<\/li>\n\n\n\n<li>Coleta de e-mails<\/li>\n\n\n\n<li>Varredura de vulnerabilidades<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">O WAF consegue identificar padr\u00f5es repetitivos e bloquear acessos suspeitos.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 id=\"h-seguranca-para-wordpress\" class=\"wp-block-heading\">Seguran\u00e7a Para WordPress<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">O WordPress \u00e9 o CMS mais atacado do mundo.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">O <strong>ModSecurity no DirectAdmin<\/strong> protege:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>wp-login.php<\/li>\n\n\n\n<li>xmlrpc.php<\/li>\n\n\n\n<li>REST API<\/li>\n\n\n\n<li>Uploads<\/li>\n\n\n\n<li>Plugins vulner\u00e1veis<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 id=\"h-protecao-em-hospedagem-compartilhada\" class=\"wp-block-heading\">Prote\u00e7\u00e3o em Hospedagem Compartilhada<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Em ambientes compartilhados, um \u00fanico site comprometido pode afetar outros clientes.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">O uso do ModSecurity ajuda a reduzir significativamente esse risco.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"h-instalacao-do-modsecurity-no-directadmin\" class=\"wp-block-heading\">Instala\u00e7\u00e3o do ModSecurity no DirectAdmin<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">A instala\u00e7\u00e3o ocorre atrav\u00e9s do CustomBuild.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Entre no servidor:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cd \/usr\/local\/directadmin\/custombuild<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Habilite o recurso e execute a instala\u00e7\u00e3o:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>.\/build set modsecurity_ruleset owasp\n.\/build modsecurity\n.\/build modsecurity_rules<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>Ap\u00f3s concluir:<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>systemctl restart httpd\nse utilizado com nginx\nsystemctl restart nginx<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"h-como-verificar-se-esta-ativo\" class=\"wp-block-heading\">Como Verificar se Est\u00e1 Ativo<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Ap\u00f3s instalar o <strong>ModSecurity no DirectAdmin<\/strong>, confirme se o m\u00f3dulo foi carregado.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Se instalado apenas o Apache Execute:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>apachectl -M | grep security<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Sa\u00edda esperada:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>security2_module<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Outra verifica\u00e7\u00e3o:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>httpd -M | grep security\n\nSe instalado o NGINX Execute:\nnginx -V\ne procure por --add-module=static_modules\/modsecurity-nginx<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"h-testando-o-funcionamento\" class=\"wp-block-heading\">Testando o Funcionamento<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Um teste simples:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>https:&#47;&#47;dominio.com\/?teste=..\/..\/etc\/passwd<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Se o WAF estiver ativo, a requisi\u00e7\u00e3o dever\u00e1 ser bloqueada.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Outro teste:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>https:\/\/dominio.com\/?id=' OR 1=1--<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">O retorno esperado \u00e9 erro 403.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"h-entendendo-os-logs-do-modsecurity\" class=\"wp-block-heading\">Entendendo os Logs do ModSecurity<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Os logs s\u00e3o fundamentais para administra\u00e7\u00e3o do sistema.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Normalmente se apenas Apache:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>\/var\/log\/httpd\/modsec_audit.log<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Visualiza\u00e7\u00e3o em tempo real:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>tail -f \/var\/log\/httpd\/modsec_audit.log\n\nNormalmente se NGINX:\n\n\/var\/log\/nginx\/modsec_audit.log\n\nVisualiza\u00e7\u00e3o em tempo real:\n\ntail -f \/var\/log\/nginx\/modsec_audit.log<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Exemplo de registro:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Message: Access denied with code 403<br>Rule ID: 949110<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">O n\u00famero da regra ser\u00e1 essencial para troubleshooting.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"h-como-corrigir-erro-403-406-413\" class=\"wp-block-heading\">Como Corrigir Erro 403 406 413<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Existem algumas regras que bloqueiam parte do wordpress e que devemos desativar.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Para isso fa\u00e7a login no DirectAdmin com usu\u00e1rio admin<br>V\u00e1 ao Menu Gerenciador de Servidor e a seguir ModSecurity.<br>Clique no bot\u00e3o Default configuration.<br>Localize &#8220;ID da regra&#8221; e insira o n\u00famero da regra que deseja desativar.<br>As regras com falso positivo que voc\u00ea deve desativar seguem abaixo:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">911100<br>930120<br>930130<br>920450<br>921130<br>932130<br>932235<br>932260<br>932370<br>941100<br>941130<br>941160<br>941170<br>941180<br>941190<br>941250<br>941260<br>942151<br>942550<br>944130<br>949110<br>941110<br>934100<br>920280<br>920350<br>942290<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Ao inserir clique no bot\u00e3o <strong>Acicionar Exclus\u00e3o<\/strong><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"h-configuracao-recomendada-para-wordpress\" class=\"wp-block-heading\">Configura\u00e7\u00e3o Recomendada para WordPress<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Para servidores WordPress:<\/p>\n\n\n\n<h3 id=\"h-habilitar-owasp-crs\" class=\"wp-block-heading\">Habilitar OWASP CRS<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>.\/build set modsecurity_ruleset owasp<\/code><\/pre>\n\n\n\n<h3 id=\"h-desativar-xml-rpc-no-htaccess-do-site\" class=\"wp-block-heading\">Desativar XML-RPC no .htaccess do site<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&lt;Files xmlrpc.php&gt;<br>Order Deny,Allow<br>Deny from all<br>&lt;\/Files&gt;<\/code><\/pre>\n\n\n\n<h3 id=\"h-limitar-tentativas-de-login\" class=\"wp-block-heading\">Limitar Tentativas de Login<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Utilize:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>CSF<\/li>\n\n\n\n<li><a href=\"https:\/\/helpsysadmin.com.br\/blog\/fail2ban-vs-crowdsec-em-producao\/\" data-internallinksmanager029f6b8e52c=\"4\" title=\"Fail2Ban vs CrowdSec em Produ\u00e7\u00e3o: Qual \u00e9 a Melhor Solu\u00e7\u00e3o de Seguran\u00e7a para Servidores Linux?\" target=\"_blank\" rel=\"noopener\">Fail2Ban<\/a><\/li>\n\n\n\n<li>Cloudflare<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">junto com o <strong>ModSecurity no DirectAdmin<\/strong>.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 id=\"h-integracao-com-csf-firewall\" class=\"wp-block-heading\">Integra\u00e7\u00e3o com CSF Firewall<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Edite:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nano \/etc\/csf\/csf.conf<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Ative:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>LF_MODSEC = \"5\"\nLF_MODSEC_PERM = \"1\"\nao sair execute, csf -r<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Agora IPs que acionarem m\u00faltiplas regras ser\u00e3o bloqueados automaticamente.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Essa integra\u00e7\u00e3o aumenta significativamente a prote\u00e7\u00e3o.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 id=\"h-integracao-com-nginx-reverse-proxy\" class=\"wp-block-heading\">Integra\u00e7\u00e3o com Nginx Reverse Proxy<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Muitos servidores DirectAdmin utilizam:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Nginx \u2192 Apache \u2192 PHP<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Nesse cen\u00e1rio o <strong>ModSecurity no DirectAdmin<\/strong> continua funcionando normalmente.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Verifique:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nginx -V<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Confirme a integra\u00e7\u00e3o.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"h-otimizacao-de-desempenho\" class=\"wp-block-heading\">Otimiza\u00e7\u00e3o de Desempenho<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Um erro comum \u00e9 acreditar que o WAF sempre degrada drasticamente o servidor.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Na pr\u00e1tica isso depende de:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Quantidade de regras<\/li>\n\n\n\n<li>Tr\u00e1fego<\/li>\n\n\n\n<li>CPU<\/li>\n\n\n\n<li>RAM<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 id=\"h-monitorando-cpu\" class=\"wp-block-heading\">Monitorando CPU<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Utilize:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>htop<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">ou<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>top<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Verifique processos Apache.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 id=\"h-monitorando-disco\" class=\"wp-block-heading\">Monitorando Disco<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Logs intensivos podem gerar I\/O elevado.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Ferramentas:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>iotop<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>atop<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 id=\"h-monitorando-memoria\" class=\"wp-block-heading\">Monitorando Mem\u00f3ria<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>free -m<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">ou<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>vmstat 1<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\">O <strong>ModSecurity no DirectAdmin<\/strong> deve fazer parte de uma estrat\u00e9gia maior.<\/p>\n\n\n\n<h2 id=\"h-hardening-completo-com-modsecurity\" class=\"wp-block-heading\">Hardening Completo com ModSecurity<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Combine com:<\/p>\n\n\n\n<h3 id=\"h-csf-firewall\" class=\"wp-block-heading\">CSF Firewall<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Prote\u00e7\u00e3o de rede.<\/p>\n\n\n\n<h3 id=\"h-cloudflare\" class=\"wp-block-heading\">Cloudflare<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Mitiga\u00e7\u00e3o DDoS.<\/p>\n\n\n\n<h3 id=\"h-fail2ban\" class=\"wp-block-heading\">Fail2Ban<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Bloqueio autom\u00e1tico.<\/p>\n\n\n\n<h3 id=\"h-malware-detect\" class=\"wp-block-heading\">Malware Detect<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Detec\u00e7\u00e3o de malware.<\/p>\n\n\n\n<h3 id=\"h-imunifyav\" class=\"wp-block-heading\">ImunifyAV<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Escaneamento de arquivos.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"h-melhores-praticas\" class=\"wp-block-heading\">Melhores Pr\u00e1ticas<\/h2>\n\n\n\n<h3 id=\"h-atualizar-regras\" class=\"wp-block-heading\">Atualizar Regras<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Verifique atualiza\u00e7\u00f5es regularmente.<\/p>\n\n\n\n<h3 id=\"h-revisar-logs\" class=\"wp-block-heading\">Revisar Logs<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Analise eventos diariamente.<\/p>\n\n\n\n<h3 id=\"h-nao-desativar-regras-sem-analise\" class=\"wp-block-heading\">N\u00e3o Desativar Regras Sem An\u00e1lise<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Toda regra existe por um motivo.<\/p>\n\n\n\n<h3 id=\"h-realizar-testes\" class=\"wp-block-heading\">Realizar Testes<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Ap\u00f3s qualquer altera\u00e7\u00e3o:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Teste WordPress<\/li>\n\n\n\n<li>Teste WooCommerce<\/li>\n\n\n\n<li>Teste APIs<\/li>\n\n\n\n<li>Teste formul\u00e1rios<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"h-cenario-real-protegendo-um-servidor-wordpress\" class=\"wp-block-heading\">Cen\u00e1rio Real: Protegendo um Servidor WordPress<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Imagine um VPS:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>8 vCPU<\/li>\n\n\n\n<li>12 GB RAM<\/li>\n\n\n\n<li>Apache + Nginx<\/li>\n\n\n\n<li>PHP-FPM<\/li>\n\n\n\n<li>MariaDB<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Hospedando:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>4 sites WordPress<\/li>\n\n\n\n<li>WooCommerce<\/li>\n\n\n\n<li>Elementor<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Sem ModSecurity:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Tentativas constantes de login<\/li>\n\n\n\n<li>Bots escaneando plugins<\/li>\n\n\n\n<li>Ataques XML-RPC<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Ap\u00f3s implementar o <strong>ModSecurity no DirectAdmin<\/strong>:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Redu\u00e7\u00e3o dr\u00e1stica de tr\u00e1fego malicioso<\/li>\n\n\n\n<li>Menor carga no PHP<\/li>\n\n\n\n<li>Menor utiliza\u00e7\u00e3o do banco de dados<\/li>\n\n\n\n<li>Maior estabilidade do servidor<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Esse \u00e9 um dos principais motivos pelos quais provedores profissionais utilizam WAFs em produ\u00e7\u00e3o.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"h-problemas-comuns-e-solucoes\" class=\"wp-block-heading\">Problemas Comuns e Solu\u00e7\u00f5es<\/h2>\n\n\n\n<h3 id=\"h-elementor-nao-salva\" class=\"wp-block-heading\">Elementor N\u00e3o Salva<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Verifique no DirectAdmin em ModSecurity >> FULL AUDIT LOG e localize o  dom\u00ednio e Rule ID.<\/p>\n\n\n\n<h3 id=\"h-woocommerce-nao-finaliza-pedido\" class=\"wp-block-heading\">WooCommerce N\u00e3o Finaliza Pedido<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Analise bloqueios relacionados a POST.<\/p>\n\n\n\n<h3 id=\"h-api-retorna-erro-403\" class=\"wp-block-heading\">API Retorna Erro 403<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">erifique no DirectAdmin em ModSecurity >> FULL AUDIT LOG<strong> <\/strong>regras REST API.<\/p>\n\n\n\n<h3 id=\"h-site-retorna-erros-aleatorios\" class=\"wp-block-heading\">Site Retorna Erros Aleat\u00f3rios<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Revise logs do ModSecurity antes de investigar Apache ou PHP.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Arquitetura do ModSecurity no DirectAdmin<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Antes de implementar o ModSecurity em produ\u00e7\u00e3o, \u00e9 importante entender como ele se encaixa na arquitetura do servidor.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Em um ambiente t\u00edpico DirectAdmin encontramos:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Internet<br> \u2193<br>Nginx Reverse Proxy<br> \u2193<br>Apache<br> \u2193<br>PHP-FPM<br> \u2193<br>MariaDB<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Quando o <strong>ModSecurity no DirectAdmin<\/strong> est\u00e1 habilitado, ele atua entre a chegada da requisi\u00e7\u00e3o e o processamento pelo Apache.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">O fluxo torna-se:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Internet<br> \u2193<br>Nginx<br> \u2193<br>ModSecurity<br> \u2193<br>Apache<br> \u2193<br>PHP<br> \u2193<br>Banco de Dados<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Isso significa que requisi\u00e7\u00f5es maliciosas podem ser bloqueadas antes mesmo de consumir recursos de PHP ou MariaDB.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Na pr\u00e1tica, isso reduz:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Uso de CPU<\/li>\n\n\n\n<li>Consumo de RAM<\/li>\n\n\n\n<li>Consultas desnecess\u00e1rias ao banco<\/li>\n\n\n\n<li>Tentativas de explora\u00e7\u00e3o<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Em servidores com dezenas de sites WordPress, essa economia de recursos pode ser significativa.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Entendendo os N\u00edveis de Paranoia do OWASP CRS<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Um conceito pouco conhecido \u00e9 o Paranoia Level.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">O OWASP CRS trabalha com diferentes n\u00edveis de rigor.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Paranoia Level 1<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">\u00c9 o padr\u00e3o recomendado.(default)<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Caracter\u00edsticas:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Menos falsos positivos<\/li>\n\n\n\n<li>Excelente compatibilidade<\/li>\n\n\n\n<li>Ideal para WordPress<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Paranoia Level 2<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Maior prote\u00e7\u00e3o.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Bloqueia padr\u00f5es mais agressivos.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Pode gerar alguns falsos positivos.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Paranoia Level 3<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Voltado para ambientes corporativos.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Maior taxa de detec\u00e7\u00e3o.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Exige monitoramento constante.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Paranoia Level 4<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">M\u00e1xima prote\u00e7\u00e3o.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Indicado apenas para aplica\u00e7\u00f5es altamente controladas.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Na maioria dos casos o n\u00edvel 1 oferece o melhor equil\u00edbrio entre seguran\u00e7a e usabilidade.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Como Monitorar Ataques em Tempo Real<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Monitoramento \u00e9 fundamental.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Se Apache Utilize:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>tail -f \/var\/log\/httpd\/modsec_audit.log\n\nSe NGINX com Apache Utilize:\n\ntail -f \/var\/log\/nginx\/modsec_audit.log<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Durante um ataque voc\u00ea poder\u00e1 observar centenas de eventos semelhantes:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Access denied with code 403<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">ou<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>SQL Injection Attack Detected<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Em servidores com alto tr\u00e1fego recomenda-se integrar os logs ao:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Graylog<\/li>\n\n\n\n<li>ELK Stack<\/li>\n\n\n\n<li>Grafana Loki<\/li>\n\n\n\n<li>Splunk<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Dessa forma \u00e9 poss\u00edvel visualizar tend\u00eancias e identificar padr\u00f5es de ataque.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">ModSecurity e WooCommerce<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Lojas virtuais costumam apresentar desafios espec\u00edficos.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">O checkout envia grande quantidade de dados.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Muitas regras do OWASP podem interpretar esses dados como suspeitos.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Os sintomas incluem:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Carrinho vazio<\/li>\n\n\n\n<li>Pedido n\u00e3o finaliza<\/li>\n\n\n\n<li>Erro 403<\/li>\n\n\n\n<li>Erro 406<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Nesses casos o administrador deve analisar cuidadosamente os logs.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Jamais desative o ModSecurity apenas porque o WooCommerce apresentou incompatibilidade.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Normalmente apenas uma ou duas regras precisam ser ajustadas.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">ModSecurity e Elementor<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">O Elementor \u00e9 respons\u00e1vel por grande parte dos falsos positivos em WordPress.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">O motivo \u00e9 simples:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">O editor envia grandes blocos de HTML e JavaScript.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Exemplo:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&lt;script&gt;<br>document.write(\"teste\");<br>&lt;\/script&gt;<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Algumas regras interpretam isso como tentativa de XSS.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">O resultado \u00e9:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>403 Forbidden<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">A solu\u00e7\u00e3o correta \u00e9 identificar o Rule ID respons\u00e1vel e criar exce\u00e7\u00f5es espec\u00edficas.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Prote\u00e7\u00e3o Contra Bots Maliciosos<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Uma das maiores vantagens do ModSecurity \u00e9 a capacidade de bloquear bots.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Todos os dias milhares de bots procuram:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>\/wp-admin<br>\/wp-login.php<br>\/xmlrpc.php<br>\/<a href=\"https:\/\/helpsysadmin.com.br\/blog\/configurar-login-automatico-phpmyadmin\/\" data-internallinksmanager029f6b8e52c=\"3\" title=\"Como Configurar Login Autom\u00e1tico no phpMyAdmin via DirectAdmin\">phpmyadmin<\/a><br>\/admin<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Essas tentativas geram consumo desnecess\u00e1rio de recursos.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Com o ModSecurity ativo, muitas delas s\u00e3o bloqueadas imediatamente.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Isso reduz:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Uso de CPU<\/li>\n\n\n\n<li>Consumo de RAM<\/li>\n\n\n\n<li>Consultas MySQL<\/li>\n\n\n\n<li>Processos PHP<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Prote\u00e7\u00e3o Contra Explora\u00e7\u00e3o de Plugins Vulner\u00e1veis<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Grande parte das invas\u00f5es em WordPress ocorre atrav\u00e9s de plugins.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Quando uma vulnerabilidade \u00e9 descoberta, bots come\u00e7am a explor\u00e1-la em massa.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Mesmo antes de atualizar o plugin, o ModSecurity pode ajudar a bloquear tentativas conhecidas.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Isso fornece uma camada adicional de prote\u00e7\u00e3o at\u00e9 que a corre\u00e7\u00e3o oficial seja aplicada.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Utilizando Cloudflare em Conjunto com ModSecurity<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Uma excelente pr\u00e1tica \u00e9 combinar:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cloudflare<\/li>\n\n\n\n<li>CSF<\/li>\n\n\n\n<li>ModSecurity<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Cada camada protege uma parte diferente da infraestrutura.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Cloudflare<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Protege contra:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>DDoS<\/li>\n\n\n\n<li>Bots<\/li>\n\n\n\n<li>Ataques Layer 7<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">CSF<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Protege:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Portas<\/li>\n\n\n\n<li>Conex\u00f5es<\/li>\n\n\n\n<li>For\u00e7a bruta<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">ModSecurity<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Protege:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Aplica\u00e7\u00f5es web<\/li>\n\n\n\n<li>Formul\u00e1rios<\/li>\n\n\n\n<li>APIs<\/li>\n\n\n\n<li>CMS<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Essa abordagem multicamadas \u00e9 amplamente utilizada em provedores de hospedagem profissionais.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Como Atualizar Regras do ModSecurity<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">As amea\u00e7as evoluem constantemente.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Por isso as regras devem ser atualizadas.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">No DirectAdmin:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cd \/usr\/local\/directadmin\/custombuild\n.\/build update\n.\/build modsecurity_rules<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Recomenda-se verificar atualiza\u00e7\u00f5es regularmente.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Muitas vezes novas regras s\u00e3o disponibilizadas para bloquear vulnerabilidades rec\u00e9m-descobertas.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Boas Pr\u00e1ticas para VPS e Servidores Dedicados<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Ao utilizar o ModSecurity em VPS ou servidores dedicados, siga estas recomenda\u00e7\u00f5es:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1. Utilize SSD NVMe<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Logs de auditoria podem gerar muitas opera\u00e7\u00f5es de disco.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2. Monitore Consumo de RAM<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Ferramentas:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>htop<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>free -m<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">3. Revise Logs Semanalmente<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Identifique:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ataques recorrentes<\/li>\n\n\n\n<li>Bots<\/li>\n\n\n\n<li>Falsos positivos<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4. Atualize o Sistema<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Mantenha:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Kernel<\/li>\n\n\n\n<li>Apache<\/li>\n\n\n\n<li>Nginx<\/li>\n\n\n\n<li>PHP<\/li>\n\n\n\n<li>DirectAdmin<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">sempre atualizados.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">5. Fa\u00e7a Backup das Configura\u00e7\u00f5es<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Antes de alterar regras:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cp -a \/etc\/httpd\/conf\/ \/root\/httpd-backup\ncp -a \/etc\/nginx\/ \/root\/nginx-backup<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Estudo de Caso Real<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Considere um servidor VPS:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Configura\u00e7\u00e3o:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>8 vCPU<\/li>\n\n\n\n<li>12 GB RAM<\/li>\n\n\n\n<li>Apache + Nginx<\/li>\n\n\n\n<li>MariaDB<\/li>\n\n\n\n<li>4 sites WordPress<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Problemas observados:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Alto consumo de CPU<\/li>\n\n\n\n<li>Milhares de acessos ao wp-login.php<\/li>\n\n\n\n<li>Ataques XML-RPC<\/li>\n\n\n\n<li>Tentativas de SQL Injection<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Ap\u00f3s implementar o ModSecurity:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Primeira semana:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Mais de 18.000 ataques bloqueados<\/li>\n\n\n\n<li>Redu\u00e7\u00e3o de 25% no uso m\u00e9dio de CPU<\/li>\n\n\n\n<li>Redu\u00e7\u00e3o de acessos maliciosos ao PHP<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Primeiro m\u00eas:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Nenhum incidente de seguran\u00e7a<\/li>\n\n\n\n<li>Menor utiliza\u00e7\u00e3o do banco de dados<\/li>\n\n\n\n<li>Melhor estabilidade geral<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Esse cen\u00e1rio \u00e9 extremamente comum em ambientes WordPress.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Erros que Devem Ser Evitados<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Desativar o ModSecurity<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Muitos administradores simplesmente executam:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>.\/build set modsecurity no<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Isso elimina uma camada importante de prote\u00e7\u00e3o.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Ignorar Logs<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Sem monitoramento \u00e9 imposs\u00edvel saber o que est\u00e1 acontecendo no servidor.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Desabilitar Muitas Regras<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Quanto mais regras removidas, menor ser\u00e1 a prote\u00e7\u00e3o.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">N\u00e3o Atualizar Regras<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Ataques evoluem diariamente.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Regras desatualizadas reduzem a efic\u00e1cia do WAF.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">ModSecurity Vale a Pena?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">A resposta \u00e9 sim.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Para ambientes:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>WordPress<\/li>\n\n\n\n<li>WooCommerce<\/li>\n\n\n\n<li>Laravel<\/li>\n\n\n\n<li>Joomla<\/li>\n\n\n\n<li>Magento<\/li>\n\n\n\n<li>Hospedagem compartilhada<\/li>\n\n\n\n<li>VPS<\/li>\n\n\n\n<li>Servidores dedicados<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">o <strong>ModSecurity no DirectAdmin<\/strong> oferece uma excelente rela\u00e7\u00e3o entre seguran\u00e7a e consumo de recursos.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Mesmo que ocasionalmente seja necess\u00e1rio ajustar regras ou lidar com falsos positivos, os benef\u00edcios superam amplamente os inconvenientes.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Al\u00e9m disso, quando combinado com CSF, Fail2Ban e Cloudflare, o ModSecurity se torna uma das ferramentas mais eficazes para prote\u00e7\u00e3o de aplica\u00e7\u00f5es web em servidores Linux.<\/p>\n\n\n\n<h2 id=\"h-conclusao\" class=\"wp-block-heading\">Conclus\u00e3o<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Implementar o <strong>ModSecurity no DirectAdmin<\/strong> \u00e9 uma das medidas mais eficazes para proteger servidores Linux contra amea\u00e7as modernas. Seja em VPS, servidores dedicados ou ambientes cloud, um WAF corretamente configurado reduz significativamente o risco de invas\u00f5es, explora\u00e7\u00e3o de vulnerabilidades e comprometimento de dados.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Ao longo deste guia vimos como instalar, configurar, monitorar e otimizar o <strong>ModSecurity no DirectAdmin<\/strong>, al\u00e9m de aprender t\u00e9cnicas para corrigir erros 403, 406 e 413, reduzir falsos positivos e integrar a solu\u00e7\u00e3o com CSF Firewall, Nginx Reverse Proxy e outras ferramentas de seguran\u00e7a.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Para administradores de sistemas, empresas de hospedagem e profissionais DevOps, o <strong>ModSecurity no DirectAdmin<\/strong> deve ser considerado um componente essencial da estrat\u00e9gia de hardening de servidores. Quando combinado com boas pr\u00e1ticas de atualiza\u00e7\u00e3o, monitoramento cont\u00ednuo e an\u00e1lise de logs, ele oferece uma camada robusta de prote\u00e7\u00e3o capaz de bloquear milhares de ataques diariamente sem impactar significativamente a experi\u00eancia dos usu\u00e1rios leg\u00edtimos.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<h3 id=\"h-faq\" class=\"wp-block-heading\">FAQ<\/h3>\n\n\n\n<div class=\"schema-faq wp-block-yoast-faq-block\"><div class=\"schema-faq-section\" id=\"faq-question-1781287056957\"><strong class=\"schema-faq-question\">O ModSecurity no DirectAdmin \u00e9 gratuito?<\/strong> <p class=\"schema-faq-answer\">Sim. O mecanismo \u00e9 open source. Algumas regras podem possuir licenciamento espec\u00edfico.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1781287080421\"><strong class=\"schema-faq-question\">Qual \u00e9 melhor: OWASP CRS ou Comodo?<\/strong> <p class=\"schema-faq-answer\">Para a maioria dos ambientes, OWASP CRS \u00e9 a melhor escolha devido \u00e0 ampla ado\u00e7\u00e3o e atualiza\u00e7\u00f5es frequentes.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1781287108973\"><strong class=\"schema-faq-question\">O ModSecurity pode deixar o servidor lento?<\/strong> <p class=\"schema-faq-answer\">Em servidores modernos o impacto costuma ser pequeno quando configurado corretamente.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1781287138777\"><strong class=\"schema-faq-question\">Posso usar ModSecurity com Nginx?<\/strong> <p class=\"schema-faq-answer\">Sim. O DirectAdmin suporta ambientes Apache + Nginx Reverse Proxy.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1781287164034\"><strong class=\"schema-faq-question\">Vale a pena utilizar em WordPress?<\/strong> <p class=\"schema-faq-answer\">Sim. O WordPress \u00e9 um dos principais alvos de ataques automatizados e se beneficia muito do uso do ModSecurity.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1781287187372\"><strong class=\"schema-faq-question\">Como reduzir falsos positivos?<\/strong> <p class=\"schema-faq-answer\">Monitore logs, identifique Rule IDs problem\u00e1ticos e crie exce\u00e7\u00f5es espec\u00edficas em vez de desativar o firewall completamente.<\/p> <\/div> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>Introdu\u00e7\u00e3o A seguran\u00e7a de servidores Linux \u00e9 uma preocupa\u00e7\u00e3o constante para administradores de sistemas, empresas de hospedagem e propriet\u00e1rios de sites. Com [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":7144,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4193,4197],"tags":[2856,1362,3139,3585,3445,24,3449,3989,3619,3443],"class_list":["post-7143","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-paineis-de-hospedagem","category-seguranca-e-hardening","tag-apache","tag-directadmin","tag-hardening-linux-3","tag-hospedagem-web","tag-modsecurity","tag-nginx","tag-owasp-crs","tag-seguranca-linux-4","tag-vps-linux","tag-waf"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.8 (Yoast SEO v27.8) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>ModSecurity no DirectAdmin: Guia Completo de Instala\u00e7\u00e3o, Configura\u00e7\u00e3o e Seguran\u00e7a<\/title>\n<meta name=\"description\" content=\"Aprenda como instalar, configurar e otimizar o ModSecurity no DirectAdmin. Proteja seus sites, reduza falsos positivos e aumente a seguran\u00e7a do servidor.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ModSecurity no DirectAdmin: Guia Completo de Instala\u00e7\u00e3o, Configura\u00e7\u00e3o e Seguran\u00e7a\" \/>\n<meta property=\"og:description\" content=\"Aprenda como instalar, configurar e otimizar o ModSecurity no DirectAdmin. Proteja seus sites, reduza falsos positivos e aumente a seguran\u00e7a do servidor.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog HelpSysAdmin\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-12T17:43:08+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-06-12T18:00:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mlkpd8g42nae.i.optimole.com\/w:auto\/h:auto\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2026\/06\/modsecurity_no_directadmin.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1500\" \/>\n\t<meta property=\"og:image:height\" content=\"1000\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"HelpSysAdmin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@brhelpsysad\" \/>\n<meta name=\"twitter:site\" content=\"@brhelpsysad\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/\"},\"author\":{\"name\":\"HelpSysAdmin\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#\\\/schema\\\/person\\\/bdbe3d7d71a0c6a3cb474c18da574efb\"},\"headline\":\"ModSecurity no DirectAdmin: Guia Completo de Instala\u00e7\u00e3o, Configura\u00e7\u00e3o e Seguran\u00e7a\",\"datePublished\":\"2026-06-12T17:43:08+00:00\",\"dateModified\":\"2026-06-12T18:00:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/\"},\"wordCount\":2293,\"publisher\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\/\\/helpsysadmin.com.br\\/blog\\/wp-content\\/uploads\\/2026\\/06\\/modsecurity_no_directadmin.webp\",\"keywords\":[\"Apache\",\"DirectAdmin\",\"hardening linux\",\"Hospedagem Web\",\"modsecurity\",\"nginx\",\"owasp crs\",\"seguran\u00e7a Linux\",\"VPS Linux\",\"waf\"],\"articleSection\":[\"Pain\u00e9is de Hospedagem (Control Panels)\",\"Seguran\u00e7a e Hardening\"],\"inLanguage\":\"pt-BR\"},{\"@type\":[\"WebPage\",\"FAQPage\"],\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/\",\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/\",\"name\":\"ModSecurity no DirectAdmin: Guia Completo de Instala\u00e7\u00e3o, Configura\u00e7\u00e3o e Seguran\u00e7a\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\/\\/helpsysadmin.com.br\\/blog\\/wp-content\\/uploads\\/2026\\/06\\/modsecurity_no_directadmin.webp\",\"datePublished\":\"2026-06-12T17:43:08+00:00\",\"dateModified\":\"2026-06-12T18:00:13+00:00\",\"description\":\"Aprenda como instalar, configurar e otimizar o ModSecurity no DirectAdmin. Proteja seus sites, reduza falsos positivos e aumente a seguran\u00e7a do servidor.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#breadcrumb\"},\"mainEntity\":[{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287056957\"},{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287080421\"},{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287108973\"},{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287138777\"},{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287164034\"},{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287187372\"}],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#primaryimage\",\"url\":\"https:\\/\\/helpsysadmin.com.br\\/blog\\/wp-content\\/uploads\\/2026\\/06\\/modsecurity_no_directadmin.webp\",\"contentUrl\":\"https:\\/\\/helpsysadmin.com.br\\/blog\\/wp-content\\/uploads\\/2026\\/06\\/modsecurity_no_directadmin.webp\",\"width\":1500,\"height\":1000,\"caption\":\"modsecurity no directadmin\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"ModSecurity no DirectAdmin: Guia Completo de Instala\u00e7\u00e3o, Configura\u00e7\u00e3o e Seguran\u00e7a\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/\",\"name\":\"Blog HelpSysAdmin\",\"description\":\"Webserver linux blog\",\"publisher\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#organization\"},\"alternateName\":\"HelpSysAdmin Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#organization\",\"name\":\"HelpSysAdmin Gerenciamento de Servidores\",\"alternateName\":\"HelpSysAdmin\",\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\/\\/mlkpd8g42nae.i.optimole.com\\/w:512\\/h:512\\/q:mauto\\/f:best\\/https:\\/\\/helpsysadmin.com.br\\/blog\\/wp-content\\/uploads\\/2020\\/12\\/favicon.png\",\"contentUrl\":\"https:\\/\\/mlkpd8g42nae.i.optimole.com\\/w:512\\/h:512\\/q:mauto\\/f:best\\/https:\\/\\/helpsysadmin.com.br\\/blog\\/wp-content\\/uploads\\/2020\\/12\\/favicon.png\",\"width\":512,\"height\":512,\"caption\":\"HelpSysAdmin Gerenciamento de Servidores\"},\"image\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/brhelpsysad\",\"https:\\\/\\\/mastodon.social\\\/@helpsysadmin\"],\"description\":\"Oferecemos o gerenciamento de servidores dedicados, vps ou cloud. Apresentamos a melhor experi\u00eancia em atendimento e servi\u00e7o. Nosso time cuidar\u00e1 do seu servidor com backups, an\u00e1lises constantes, ajustes de seguran\u00e7a, realiza\u00e7\u00e3o de manuten\u00e7\u00e3o preventiva e corretiva, otimiza\u00e7\u00e3o de performance al\u00e9m de monitoramento 24\u00d77 com suporte Pr\u00f3 Ativo.\",\"numberOfEmployees\":{\"@type\":\"QuantitativeValue\",\"minValue\":\"1\",\"maxValue\":\"10\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#\\\/schema\\\/person\\\/bdbe3d7d71a0c6a3cb474c18da574efb\",\"name\":\"HelpSysAdmin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/efc0007e6a313a844b72de257e05c6083b07b6ecc6983a4f71e06293ff2e22fd?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/efc0007e6a313a844b72de257e05c6083b07b6ecc6983a4f71e06293ff2e22fd?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/efc0007e6a313a844b72de257e05c6083b07b6ecc6983a4f71e06293ff2e22fd?s=96&d=mm&r=g\",\"caption\":\"HelpSysAdmin\"},\"sameAs\":[\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/\"]},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287056957\",\"position\":1,\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287056957\",\"name\":\"O ModSecurity no DirectAdmin \u00e9 gratuito?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Sim. O mecanismo \u00e9 open source. Algumas regras podem possuir licenciamento espec\u00edfico.\",\"inLanguage\":\"pt-BR\"},\"inLanguage\":\"pt-BR\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287080421\",\"position\":2,\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287080421\",\"name\":\"Qual \u00e9 melhor: OWASP CRS ou Comodo?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Para a maioria dos ambientes, OWASP CRS \u00e9 a melhor escolha devido \u00e0 ampla ado\u00e7\u00e3o e atualiza\u00e7\u00f5es frequentes.\",\"inLanguage\":\"pt-BR\"},\"inLanguage\":\"pt-BR\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287108973\",\"position\":3,\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287108973\",\"name\":\"O ModSecurity pode deixar o servidor lento?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Em servidores modernos o impacto costuma ser pequeno quando configurado corretamente.\",\"inLanguage\":\"pt-BR\"},\"inLanguage\":\"pt-BR\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287138777\",\"position\":4,\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287138777\",\"name\":\"Posso usar ModSecurity com Nginx?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Sim. O DirectAdmin suporta ambientes Apache + Nginx Reverse Proxy.\",\"inLanguage\":\"pt-BR\"},\"inLanguage\":\"pt-BR\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287164034\",\"position\":5,\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287164034\",\"name\":\"Vale a pena utilizar em WordPress?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Sim. O WordPress \u00e9 um dos principais alvos de ataques automatizados e se beneficia muito do uso do ModSecurity.\",\"inLanguage\":\"pt-BR\"},\"inLanguage\":\"pt-BR\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287187372\",\"position\":6,\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/modsecurity-no-directadmin\\\/#faq-question-1781287187372\",\"name\":\"Como reduzir falsos positivos?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Monitore logs, identifique Rule IDs problem\u00e1ticos e crie exce\u00e7\u00f5es espec\u00edficas em vez de desativar o firewall completamente.\",\"inLanguage\":\"pt-BR\"},\"inLanguage\":\"pt-BR\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"ModSecurity no DirectAdmin: Guia Completo de Instala\u00e7\u00e3o, Configura\u00e7\u00e3o e Seguran\u00e7a","description":"Aprenda como instalar, configurar e otimizar o ModSecurity no DirectAdmin. Proteja seus sites, reduza falsos positivos e aumente a seguran\u00e7a do servidor.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/","og_locale":"pt_BR","og_type":"article","og_title":"ModSecurity no DirectAdmin: Guia Completo de Instala\u00e7\u00e3o, Configura\u00e7\u00e3o e Seguran\u00e7a","og_description":"Aprenda como instalar, configurar e otimizar o ModSecurity no DirectAdmin. Proteja seus sites, reduza falsos positivos e aumente a seguran\u00e7a do servidor.","og_url":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/","og_site_name":"Blog HelpSysAdmin","article_published_time":"2026-06-12T17:43:08+00:00","article_modified_time":"2026-06-12T18:00:13+00:00","og_image":[{"width":1500,"height":1000,"url":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:auto\/h:auto\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2026\/06\/modsecurity_no_directadmin.webp","type":"image\/webp"}],"author":"HelpSysAdmin","twitter_card":"summary_large_image","twitter_creator":"@brhelpsysad","twitter_site":"@brhelpsysad","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#article","isPartOf":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/"},"author":{"name":"HelpSysAdmin","@id":"https:\/\/helpsysadmin.com.br\/blog\/#\/schema\/person\/bdbe3d7d71a0c6a3cb474c18da574efb"},"headline":"ModSecurity no DirectAdmin: Guia Completo de Instala\u00e7\u00e3o, Configura\u00e7\u00e3o e Seguran\u00e7a","datePublished":"2026-06-12T17:43:08+00:00","dateModified":"2026-06-12T18:00:13+00:00","mainEntityOfPage":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/"},"wordCount":2293,"publisher":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/#organization"},"image":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#primaryimage"},"thumbnailUrl":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:auto\/h:auto\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2026\/06\/modsecurity_no_directadmin.webp","keywords":["Apache","DirectAdmin","hardening linux","Hospedagem Web","modsecurity","nginx","owasp crs","seguran\u00e7a Linux","VPS Linux","waf"],"articleSection":["Pain\u00e9is de Hospedagem (Control Panels)","Seguran\u00e7a e Hardening"],"inLanguage":"pt-BR"},{"@type":["WebPage","FAQPage"],"@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/","url":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/","name":"ModSecurity no DirectAdmin: Guia Completo de Instala\u00e7\u00e3o, Configura\u00e7\u00e3o e Seguran\u00e7a","isPartOf":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#primaryimage"},"image":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#primaryimage"},"thumbnailUrl":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:auto\/h:auto\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2026\/06\/modsecurity_no_directadmin.webp","datePublished":"2026-06-12T17:43:08+00:00","dateModified":"2026-06-12T18:00:13+00:00","description":"Aprenda como instalar, configurar e otimizar o ModSecurity no DirectAdmin. Proteja seus sites, reduza falsos positivos e aumente a seguran\u00e7a do servidor.","breadcrumb":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#breadcrumb"},"mainEntity":[{"@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287056957"},{"@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287080421"},{"@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287108973"},{"@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287138777"},{"@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287164034"},{"@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287187372"}],"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#primaryimage","url":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:auto\/h:auto\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2026\/06\/modsecurity_no_directadmin.webp","contentUrl":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:auto\/h:auto\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2026\/06\/modsecurity_no_directadmin.webp","width":1500,"height":1000,"caption":"modsecurity no directadmin"},{"@type":"BreadcrumbList","@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/helpsysadmin.com.br\/blog\/"},{"@type":"ListItem","position":2,"name":"ModSecurity no DirectAdmin: Guia Completo de Instala\u00e7\u00e3o, Configura\u00e7\u00e3o e Seguran\u00e7a"}]},{"@type":"WebSite","@id":"https:\/\/helpsysadmin.com.br\/blog\/#website","url":"https:\/\/helpsysadmin.com.br\/blog\/","name":"Blog HelpSysAdmin","description":"Webserver linux blog","publisher":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/#organization"},"alternateName":"HelpSysAdmin Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/helpsysadmin.com.br\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/helpsysadmin.com.br\/blog\/#organization","name":"HelpSysAdmin Gerenciamento de Servidores","alternateName":"HelpSysAdmin","url":"https:\/\/helpsysadmin.com.br\/blog\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/helpsysadmin.com.br\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:512\/h:512\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2020\/12\/favicon.png","contentUrl":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:512\/h:512\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2020\/12\/favicon.png","width":512,"height":512,"caption":"HelpSysAdmin Gerenciamento de Servidores"},"image":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/brhelpsysad","https:\/\/mastodon.social\/@helpsysadmin"],"description":"Oferecemos o gerenciamento de servidores dedicados, vps ou cloud. Apresentamos a melhor experi\u00eancia em atendimento e servi\u00e7o. Nosso time cuidar\u00e1 do seu servidor com backups, an\u00e1lises constantes, ajustes de seguran\u00e7a, realiza\u00e7\u00e3o de manuten\u00e7\u00e3o preventiva e corretiva, otimiza\u00e7\u00e3o de performance al\u00e9m de monitoramento 24\u00d77 com suporte Pr\u00f3 Ativo.","numberOfEmployees":{"@type":"QuantitativeValue","minValue":"1","maxValue":"10"}},{"@type":"Person","@id":"https:\/\/helpsysadmin.com.br\/blog\/#\/schema\/person\/bdbe3d7d71a0c6a3cb474c18da574efb","name":"HelpSysAdmin","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/efc0007e6a313a844b72de257e05c6083b07b6ecc6983a4f71e06293ff2e22fd?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/efc0007e6a313a844b72de257e05c6083b07b6ecc6983a4f71e06293ff2e22fd?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/efc0007e6a313a844b72de257e05c6083b07b6ecc6983a4f71e06293ff2e22fd?s=96&d=mm&r=g","caption":"HelpSysAdmin"},"sameAs":["https:\/\/helpsysadmin.com.br\/blog\/"]},{"@type":"Question","@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287056957","position":1,"url":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287056957","name":"O ModSecurity no DirectAdmin \u00e9 gratuito?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Sim. O mecanismo \u00e9 open source. Algumas regras podem possuir licenciamento espec\u00edfico.","inLanguage":"pt-BR"},"inLanguage":"pt-BR"},{"@type":"Question","@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287080421","position":2,"url":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287080421","name":"Qual \u00e9 melhor: OWASP CRS ou Comodo?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Para a maioria dos ambientes, OWASP CRS \u00e9 a melhor escolha devido \u00e0 ampla ado\u00e7\u00e3o e atualiza\u00e7\u00f5es frequentes.","inLanguage":"pt-BR"},"inLanguage":"pt-BR"},{"@type":"Question","@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287108973","position":3,"url":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287108973","name":"O ModSecurity pode deixar o servidor lento?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Em servidores modernos o impacto costuma ser pequeno quando configurado corretamente.","inLanguage":"pt-BR"},"inLanguage":"pt-BR"},{"@type":"Question","@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287138777","position":4,"url":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287138777","name":"Posso usar ModSecurity com Nginx?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Sim. O DirectAdmin suporta ambientes Apache + Nginx Reverse Proxy.","inLanguage":"pt-BR"},"inLanguage":"pt-BR"},{"@type":"Question","@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287164034","position":5,"url":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287164034","name":"Vale a pena utilizar em WordPress?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Sim. O WordPress \u00e9 um dos principais alvos de ataques automatizados e se beneficia muito do uso do ModSecurity.","inLanguage":"pt-BR"},"inLanguage":"pt-BR"},{"@type":"Question","@id":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287187372","position":6,"url":"https:\/\/helpsysadmin.com.br\/blog\/modsecurity-no-directadmin\/#faq-question-1781287187372","name":"Como reduzir falsos positivos?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Monitore logs, identifique Rule IDs problem\u00e1ticos e crie exce\u00e7\u00f5es espec\u00edficas em vez de desativar o firewall completamente.","inLanguage":"pt-BR"},"inLanguage":"pt-BR"}]}},"lang":"pt","translations":{"pt":7143},"pll_sync_post":{},"_links":{"self":[{"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/posts\/7143","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/comments?post=7143"}],"version-history":[{"count":3,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/posts\/7143\/revisions"}],"predecessor-version":[{"id":7148,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/posts\/7143\/revisions\/7148"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/media\/7144"}],"wp:attachment":[{"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/media?parent=7143"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/categories?post=7143"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/tags?post=7143"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}