Welcome! Log In Create A New Profile

Advanced

Re: nginx Digest, Vol 157, Issue 12 / ModSecurity/

Stephen D. Scotti, M.D. via nginx
November 12, 2022 01:56AM
Just curious. I though the WAF and ModSecurity was only available with NGINX Plus on a paid subscription basis ?

Is it possible to implement that without a paid subscription if one is willing and able to compile and configure it on their own ?

What about using it with something like OpenResty ?

Thank you.

/sds
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of nginx digest..."Today's Topics:
>
> 1. Re: Help with nginx.conf (Jeremy Cocks)
>
> From: Jeremy Cocks <jeremy@jeremy.cx>
> Subject: Re: Help with nginx.conf
> Date: November 12, 2022 at 2:51:42 AM GMT+1
> To: nginx@nginx.org
> Reply-To: nginx@nginx.org
>
>
> You need to install the modsec lib from here (it has instructions)
> https://github.com/SpiderLabs/ModSecurity/ https://github.com/SpiderLabs/ModSecurity/tree/v3/master
>
> Depending on what distribution you are on, there may also be a package for it.
>
> Thanks
> J
>
>
>
> Cheers
>
> On Fri, 11 Nov 2022 at 18:40, Gus Flowers Starkiller <relectgustfs@gmail.com <mailto:relectgustfs@gmail.com>> wrote:
> Hi ! Thanks a lot for your explanation ! Well I've installed some Nginx servers all cases like configured like Proxy Reverse, But, at first I installed Nginx from pages different from Nginx.org but the source were get from nginx too (i think) and cases like nginx.conf is happening, different files with ngonx.org http://ngonx.org/ and other sources and for example that directories like sites-available and sites-enabled are missing after installation:
> e.g. /etc/nginx/sites-available and /etc/nginx/sites-enabled are not in installation from nginx.org http://nginx.org/ and as you say I could configure them to my own target, but in these cases I must install Nginx + ModSecurity + OWASP (CRS) because we must have the most security network with web pages to publicate.
> So, is there any configuration that you could recommend me?
> Another point too, I read the book about Nginx+Modsecurity from these book
>
> <image.png>
>
> And I couldn't find in which directories of linux is installed Nginx, in my cases Nginx and OWASP is in /usr/local/src but in the moment where I must compile Nginx there is error about module
> "./configure: error: ngx_http_modsecurity_module requires the ModSecurity library."
>
> Well I hope all these words don't disturb you at all, please sorry and any word you can tell me about this, I will be so grateful. Thanks a lot, greetings from Argentina.
>
> Gus Fls

_______________________________________________
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-leave@nginx.org
Subject Author Posted

Re: nginx Digest, Vol 157, Issue 12 / ModSecurity/

Stephen D. Scotti, M.D. via nginx November 12, 2022 01:56AM

RE: nginx Digest, Vol 157, Issue 12 / ModSecurity/

Reinis Rozitis November 12, 2022 06:24AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 80
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready