Re: [mod-security-users] New to mod security. Experiencing issues with ModSecurity and Nginx Config
Brought to you by:
victorhora,
zimmerletw
From: Winfried N. <ne...@cl...> - 2015-05-11 12:25:14
|
Hi, are there any plans to get the branch in the FreeBSD ports? I am currently having issues with nginx and mod_sec, where after receiving a 100-continue, the request starts hanging. But the refectoring branch is not available in FreeBSD ports/packages, so I can handly give it a try, due to the whole dependicies that I'd have to resolve. Thanks Winni > From: "Piyush Misra" <piy...@gm...> > To: "mod-security-users" <mod...@li...> > Sent: Monday, May 11, 2015 2:11:18 PM > Subject: Re: [mod-security-users] New to mod security. Experiencing issues with > ModSecurity and Nginx Config > Thanks Felipe and Soren > . > Installing the refactoring branch did resolved the issue. :) > On Mon, May 11, 2015 at 12:17 PM, Felipe Costa < FC...@tr... > wrote: >> Hi Piyush, >> Please try the nginx_refactoring branch. >> $ git clone git:// github.com/SpiderLabs/ModSecurity.git >> $ cd ModSecurity >> $ git checkout nginx_refactoring >> $ ./autogen.sh >> $ ./configure --enable-standalone-module --disable-mlogc >> $ make >> Br., >> Felipe ³Zimmerle² Costa >> Security Researcher, SpiderLabs >> Trustwave | SMART SECURITY ON DEMAND >> www.trustwave.com < http://www.trustwave.com/ > >> From: Piyush Misra < piy...@gm... > >> Reply-To: " mod...@li... " >> < mod...@li... > >> Date: Saturday, May 9, 2015 at 8:52 PM >> To: " mod...@li... " >> < mod...@li... > >> Subject: [mod-security-users] New to mod security. Experiencing issues >> with ModSecurity and Nginx Config >> Hello Team, >> I have installed Modsecurity and Nginx in a box using the following method >> 1. git clone git:// github.com/SpiderLabs/ModSecurity.git >> < http://scanmail.trustwave.com/?c=4062&d=0J7O1QCMtklKpOLoiVUL5u124rEoU-8DEG >> mcD2oc6w&s=5&u=http%3a%2f%2fgithub%2ecom%2fSpiderLabs%2fModSecurity%2egit > >> 2. cd mod_security >> 3. ./autogen.sh >> < http://scanmail.trustwave.com/?c=4062&d=0J7O1QCMtklKpOLoiVUL5u124rEoU-8DED >> vLXGYfuA&s=5&u=http%3a%2f%2fautogen%2esh > >> 4. ./configure --enable-standalone-module --disable-mlogc >> 5. make >> -----------(No Errors) >> wget >> http://www.nginx.org/download/nginx-1.8.0.tar.gz >> < http://scanmail.trustwave.com/?c=4062&d=0J7O1QCMtklKpOLoiVUL5u124rEoU-8DEG >> ycWDgb7g&s=5&u=http%3a%2f%2fwww%2enginx%2eorg%2fdownload%2fnginx-1%2e8%2e0% >> 2etar%2egz > >> tar -xvpzf nginx-1.8.0.tar.gz >> cd nginx-1.8.0 >> ./configure --add-module=../mod_security/nginx/modsecurity >> --with-http_ssl_module >> make >> make install >> --------(No Errors) >> My Nginx.conf file contents are as below: >> server { >> listen 80; >> server_name >> xx.yy.com >> < http://scanmail.trustwave.com/?c=4062&d=0J7O1QCMtklKpOLoiVUL5u124rEoU-8DEG >> 7MXTod7g&s=5&u=http%3a%2f%2fxx%2eyy%2ecom >; >> #charset koi8-r; >> #access_log logs/host.access.log main; >> location / { >> ModSecurityEnabled on; >> ModSecurityConfig /usr/local/nginx/conf/modsecurity.conf; >> root html; >> index index.html index.htm; >> proxy_pass >> http://mysite.mydomain.com:8080 >> < http://scanmail.trustwave.com/?c=4062&d=0J7O1QCMtklKpOLoiVUL5u124rEoU-8DED >> rPDGYZ6w&s=5&u=http%3a%2f%2fmysite%2emydomain%2ecom%3a8080 >; >> } >> } >> When I start my nginx server and opens >> xx.yy.com >> < http://scanmail.trustwave.com/?c=4062&d=0J7O1QCMtklKpOLoiVUL5u124rEoU-8DEG >> 7MXTod7g&s=5&u=http%3a%2f%2fxx%2eyy%2ecom > in a browser it gives me the >> following response: >> The connection was reset >> The connection to the server was reset while the page was loading. >> The site could be temporarily unavailable or too busy. Try again in a few >> moments. >> If you are unable to load any pages, check your computer's network >> connection. >> If your computer or network is protected by a firewall or proxy, make sure >> that Firefox is permitted to access the Web. >> The error log just says: >> 2015/05/08 00:32:04 [alert] 27771#0: worker process 27772 exited on signal >> 11 >> 2015/05/08 00:32:04 [alert] 27771#0: worker process 27773 exited on signal >> 11 >> 2015/05/08 00:56:11 [alert] 27771#0: worker process 27774 exited on signal >> 11 >> Where as if I write ModSecurityEnabled off; >> everything works fine. >> I have a simple setup for testing this. >> In one box I have nginx+modsecurity > haproxy > webserver 1 and webserver 2 >> webserver 1 and 2 contains apache serving a simple html file which outputs >> to browser a text being "Server 1" or "Server 2" >> Could you please help me out in this? As this is urgent to test this for >> my project work. >> Thanks, >> Piyush >> ________________________________ >> This transmission may contain information that is privileged, confidential, >> and/or exempt from disclosure under applicable law. If you are not the intended >> recipient, you are hereby notified that any disclosure, copying, distribution, >> or use of the information contained herein (including any reliance thereon) is >> strictly prohibited. If you received this transmission in error, please >> immediately contact the sender and destroy the material in its entirety, >> whether in electronic or hard copy format. >> ------------------------------------------------------------------------------ >> One dashboard for servers and applications across Physical-Virtual-Cloud >> Widest out-of-the-box monitoring support with 50+ applications >> Performance metrics, stats and reports that give you Actionable Insights >> Deep dive visibility with transaction tracing using APM Insight. >> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y >> _______________________________________________ >> mod-security-users mailing list >> mod...@li... >> https://lists.sourceforge.net/lists/listinfo/mod-security-users >> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: >> http://www.modsecurity.org/projects/commercial/rules/ >> http://www.modsecurity.org/projects/commercial/support/ > ------------------------------------------------------------------------------ > One dashboard for servers and applications across Physical-Virtual-Cloud > Widest out-of-the-box monitoring support with 50+ applications > Performance metrics, stats and reports that give you Actionable Insights > Deep dive visibility with transaction tracing using APM Insight. > http://ad.doubleclick.net/ddm/clk/290420510;117567292;y > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ |