The 3rd party ModSecurity module isn't a default option for the port. To start, you would have to install www/nginx via ports by doing cd /usr/ports/www/nginx && make install.
I was installed nginx webserver with pkg : pkg install nginx now uninstall that? How?
And in port, I was install www/nginx and ticked modsecurity on install configuration but when in nginx.conf sets ModSecurityEnabled on; now how set the default WAF protection rules on nginx?
Still one issue that was problematic - and made me move mod_sec back to the backend Apache - was it doesn't seem possible to use "SecRuleRemoveById" inside a Nginx "location". It seems it's only possible to either globally disable or enable rules - unlike in Apache where you can disable rules on a location / directory base.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.