Install mod_security on nginx webserver

prot3ct0r · Sep 19, 2015

Hello Guys !

Can anybody explain how to install mod_security2 and OWASP rules on www/nginx step by step.

Notice that I use from latest version of FreeBSD.

Thank you

junovitch@ · Sep 20, 2015

The 3rd party ModSecurity module isn't a default option for the port. To start, you would have to install www/nginx via ports by doing cd /usr/ports/www/nginx && make install.

prot3ct0r · Sep 20, 2015

I was installed nginx webserver with pkg : pkg install nginx now uninstall that? How?
And in port, I was install www/nginx and ticked modsecurity on install configuration but when in nginx.conf sets ModSecurityEnabled on; now how set the default WAF protection rules on nginx?

drhowarddrfine · Sep 20, 2015

pkg delete nginx

A simple Google of "nginx mod_security2" brought up a multitude of articles on how to do that.

prot3ct0r · Sep 20, 2015

drhowarddrfine said:
pkg delete nginx

A simple Google of "nginx modsecurity" brought up a multitude of articles on how to do that.

Hi
I active modsecurity on www/nginx.
Is there anything like owasp CRS for rules?
I did not find anything for configuration WAF .
Thank you

drhowarddrfine · Sep 20, 2015

I don't know but a simple Google for "web application firewall nginx" brought up a multitude of articles on that.

prot3ct0r · Sep 20, 2015

I searched a lot but couldn't find anything.

rudelgurke · Sep 20, 2015

Well - I simply installed the port by selecting the corresponding option, then using "https://github.com/SpiderLabs/owasp-modsecurity-crs" and doing local changes.

Still one issue that was problematic - and made me move mod_sec back to the backend Apache - was it doesn't seem possible to use "SecRuleRemoveById" inside a Nginx "location". It seems it's only possible to either globally disable or enable rules - unlike in Apache where you can disable rules on a location / directory base.