Re: [mod-security-users] nginx+modsecurity
From: Andrew C. <and...@gm...> - 2015-03-24 11:01:21
Thank you Morris! I really appreciate your help! Cheers!

On 24 March 2015 at 10:54, Morris Taylor <mo...@em...> wrote:

> Dear Andrew,
>
> I have seen lots of articles telling the readers to catenate all
> config files together. However, you may observe something weird with the
> setting within nginx. Therefore, following is my solution:
>
> (the dots mean some settings are not related and are skipped.)
>
> in nginx.conf :
>
> server {
>     ....
>     location / {
>         ...
>         ModSecurityEnabled on;
>         ModSecurityConfig /path/to/modsecurity.conf;
>         ...
>     }
> }
>
> in modsecurity.conf:
>
> (at the end of file)
>
> Include /path/to/modsecurity_crs_10_setup.conf
> Include /path/to/crs/*.conf
>
> My answer is based on assuming you have followed the install instructions
> on the official manual and running with latest stable version of nginx and
> modsecurity. If you still encounter some problems, please try to use base
> core-rule-set instead of other rule sets. Also, you can enable the
> debugging mode to identify the issue through the debug log.
>
> --
> BR, Morris
>
> On Fri, Mar 20, 2015, at 10:39 PM, Andrew Camilleri wrote:
>
> Hi!
>
> I am trying to enable modsecurity in nginx and I got stuck. Here are my
> steps:
>
> yum install -y gcc make automake autoconf libtool
> yum install -y pcre pcre-devel libxml2 libxml2-devel curl curl-devel httpd-devel
>
> from modsecurity folder:
>
> ./configure --enable-standalone-module --disable-mlogc
> make
>
> from nginx folder:
>
> ./configure --add-module=../mod_security/nginx/modsecurity
> make
> sudo make install
>
> All works so far. Tested nginx on its own, and it works fine. So proceed
> to enable modsecurity and owasp rules. I follow steps from here
> <http://cronylab.pl/art,nginx,modsecurity,howto,201.html> which basically
> suggest to catenate modsecurity.conf-recommended,
> modsecurity_crs_10_setup.conf.example and crs-rules/*.conf together and
> also copy the base_rules/*data files to nginx conf. I go and start nginx
> and it doesn't complain. Then I browse onto my test app and it seems to
> work, but when I attempt to POST for a login, nginx hangs and I get the
> following in the error.log:
>
> 2015/03/20 11:33:37 [notice] 37800#0: signal process started
> 2015/03/20 11:33:41 [notice] 37801#0: ModSecurity for nginx (STABLE)/2.9.0 (http://www.modsecurity.org/) configured.
> 2015/03/20 11:33:41 [notice] 37801#0: ModSecurity: APR compiled version="1.3.9"; loaded version="1.3.9"
> 2015/03/20 11:33:41 [notice] 37801#0: ModSecurity: PCRE compiled version="7.8 "; loaded version="7.8 2008-09-05"
> 2015/03/20 11:33:41 [notice] 37801#0: ModSecurity: LIBXML compiled version="2.7.6"
> 2015/03/20 11:33:41 [notice] 37801#0: ModSecurity: StatusEngine call: "2.9.0,nginx,1.3.9/1.3.9,7.8/7.8 2008-09-05,(null),2.7.6,bd9197350c776162590f1f3364fb3a831179d4fa"
> 2015/03/20 11:33:41 [notice] 37801#0: ModSecurity: StatusEngine call successfully sent. For more information visit: http://status.modsecurity.org/
> 2015/03/20 11:34:07 [alert] 37802#0: worker process 37803 exited on signal 9
> 2015/03/20 11:34:15 [alert] 37802#0: worker process 37822 exited on signal 9
>
> The response in the browser is completely empty. I am running this on a
> CentOS 6.6 VM. Can anyone help please? I have attempted this with both
> stable nginx 1.6.2 and Mainline 1.7.10. Many thanks for reading
> this...Cheers!
>
> Andrew
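
Added example, not part of the thread and not code from the ModSecurity or nginx projects: a small Python parser for the nginx error.log layout quoted above that extracts the ModSecurity version line and every worker the master process reports as killed by a signal, with the delay since ModSecurity was configured. The sample lines are taken from the quoted log; the function and field names are this example's own.

```python
import re
import signal
from datetime import datetime

# nginx error.log layout: "YYYY/MM/DD HH:MM:SS [level] pid#tid: message"
LINE_RE = re.compile(r"^(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \[(\w+)\] (\d+)#\d+: (.*)$")
EXIT_RE = re.compile(r"worker process (\d+) exited on signal (\d+)")
MODSEC_RE = re.compile(r"ModSecurity for nginx \(\w+\)/([\d.]+)")

# Sample input: lines taken from the error.log quoted in the message above.
SAMPLE_LOG = """\
2015/03/20 11:33:37 [notice] 37800#0: signal process started
2015/03/20 11:33:41 [notice] 37801#0: ModSecurity for nginx (STABLE)/2.9.0 (http://www.modsecurity.org/) configured.
2015/03/20 11:34:07 [alert] 37802#0: worker process 37803 exited on signal 9
2015/03/20 11:34:15 [alert] 37802#0: worker process 37822 exited on signal 9
"""


def signal_name(number):
    """Map a signal number to its name, falling back to the bare number."""
    try:
        return signal.Signals(number).name
    except ValueError:
        return str(number)


def summarize(log_text):
    """Return the ModSecurity version seen and every worker killed by a signal."""
    version, configured_at, killed = None, None, []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # wrapped or foreign lines are skipped, not guessed at
        when = datetime.strptime(m.group(1), "%Y/%m/%d %H:%M:%S")
        msg = m.group(4)
        v = MODSEC_RE.search(msg)
        if v:
            version, configured_at = v.group(1), when
        e = EXIT_RE.search(msg)
        if e:
            delay = (when - configured_at).total_seconds() if configured_at else None
            killed.append({"worker": int(e.group(1)), "master": int(m.group(3)),
                           "signal": signal_name(int(e.group(2))),
                           "secs_after_modsec_start": delay})
    return {"modsecurity_version": version, "killed_workers": killed}


if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```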