Install mod_security on nginx webserver

Hello Guys !

Can anybody explain how to install mod_security2 and OWASP rules on www/nginx step by step.

Notice that I use from latest version of FreeBSD.

Thank you
 
I was installed nginx webserver with pkg : pkg install nginx now uninstall that? How?
And in port, I was install www/nginx and ticked modsecurity on install configuration but when in nginx.conf sets ModSecurityEnabled on; now how set the default WAF protection rules on nginx?
 
Well - I simply installed the port by selecting the corresponding option, then using "https://github.com/SpiderLabs/owasp-modsecurity-crs" and doing local changes.

Still one issue that was problematic - and made me move mod_sec back to the backend Apache - was it doesn't seem possible to use "SecRuleRemoveById" inside a Nginx "location". It seems it's only possible to either globally disable or enable rules - unlike in Apache where you can disable rules on a location / directory base.
 
Top