Re: [mod-security-users] nginx+modsecurity
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] nginx+modsecurity
|
From: Andrew C. <and...@gm...> - 2015-03-26 11:18:54
|
Hi Morris!
I am still facing the same problem. I have tried all your suggestions and
restarted everything from scratch. I have enabled debug logging and there
is nothing there that helps. I also attempted to rebuild everything under
Ubuntu 14.04 and I get exactly the same error in the logs. I have run out
of ideas and I am also running out of time. I would appreciate if anyone
can suggest something, anything really. Thank you!
Andrew
On 24 March 2015 at 11:00, Andrew Camilleri <and...@gm...>
wrote:
> Thank you morris! I really appreciate your help! Cheers!
>
> On 24 March 2015 at 10:54, Morris Taylor <mo...@em...> wrote:
>
>> Dear Andrew,
>>
>> I have seen lots of articles telling the readers to catenate all
>> config files together. However, you may observe something weird with the
>> setting within nginx. Therefore, following is my solution:
>>
>> (the dots means some settings are not related and are skipped.)
>>
>> in nginx.conf :
>>
>> server {
>> ....
>> location / {
>> ...
>> ModSecurityEnabled on;
>> ModSecurityConfig /path/to/modsecurity.conf;
>> ...
>> }
>> }
>>
>> in modsecurity.conf:
>>
>> (at the end of file)
>>
>> Include /path/to/modsecurity_crs_10_setup.conf
>> Include /path/to/crs/*.conf
>>
>> My answer is based on assuming your have followed the install
>> instructions on the official manual and running with latest stable version
>> of nginx and modsecurity. If you still encounter some problems, please try
>> to use base core-rule-set instead of other rule sets. Also, you can enable
>> the debugging mode to identify the issue through the debug log.
>>
>>
>> --
>> BR, Morris
>>
>>
>> On Fri, Mar 20, 2015, at 10:39 PM, Andrew Camilleri wrote:
>>
>> Hi!
>>
>> I am trying to enable modsecurity in nginx and I got stuck. Here are my
>> steps:
>>
>> yum install -y gcc make automake autoconf libtool
>> yum install -y pcre pcre-devel libxml2 libxml2-devel curl curl-devel
>> httpd-devel
>>
>> from modsecurity folder:
>>
>> ./configure --enable-standalone-module --disable-mlogc
>> make
>>
>> from nginx folder:
>> ./configure --add-module=../mod_security/nginx/modsecurity
>> make
>> sudo make install
>>
>> All works so far. Tested nginx on its own, and it works fine. So proceed
>> to enable modsecurity and owasp rules. I follow steps from here
>> <http://cronylab.pl/art,nginx,modsecurity,howto,201.html> which
>> basically suggest to catenate modsecurity.conf-recommended,
>> modsecurity_crs_10_setup.conf.example and crs-rules/*.conf together and
>> also copy the base_rules/*data files to nginx conf. I go and start nginx
>> and it doesnt complain. Then I browse onto my test app and it seems to
>> work, but when I attempt to POST for a login, nginx hangs and I get the
>> following in the error.log:
>>
>> 2015/03/20 11:33:37 [notice] 37800#0: signal process started
>> 2015/03/20 11:33:41 [notice] 37801#0: ModSecurity for nginx
>> (STABLE)/2.9.0 (http://www.modsecurity.org/) configured.
>> 2015/03/20 11:33:41 [notice] 37801#0: ModSecurity: APR compiled
>> version="1.3.9"; loaded version="1.3.9"
>> 2015/03/20 11:33:41 [notice] 37801#0: ModSecurity: PCRE compiled
>> version="7.8 "; loaded version="7.8 2008-09-05"
>> 2015/03/20 11:33:41 [notice] 37801#0: ModSecurity: LIBXML compiled
>> version="2.7.6"
>> 2015/03/20 11:33:41 [notice] 37801#0: ModSecurity: StatusEngine call:
>> "2.9.0,nginx,1.3.9/1.3.9,7.8/7.8
>> 2008-09-05,(null),2.7.6,bd9197350c776162590f1f3364fb3a831179d4fa"
>> 2015/03/20 11:33:41 [notice] 37801#0: ModSecurity: StatusEngine call
>> successfully sent. For more information visit:
>> http://status.modsecurity.org/
>> 2015/03/20 11:34:07 [alert] 37802#0: worker process 37803 exited on
>> signal 9
>> 2015/03/20 11:34:15 [alert] 37802#0: worker process 37822 exited on
>> signal 9
>>
>> The response in the browser is completely empty. I am running this on a
>> CentOS 6.6 VM. Can anyone help please? I have attempted this with both
>> stable nginx 1.6.2 and Mainline 1.7.10. Many thanks for reading
>> this...Cheers!
>>
>> Andrew
>>
>> ------------------------------------------------------------------------------
>> Dive into the World of Parallel Programming The Go Parallel Website,
>> sponsored
>> by Intel and developed in partnership with Slashdot Media, is your hub
>> for all
>> things parallel software development, from weekly thought leadership
>> blogs to
>> news, videos, case studies, tutorials and more. Take a look and join the
>> conversation now. http://goparallel.sourceforge.net/
>> *_______________________________________________*
>> mod-security-users mailing list
>> mod...@li...
>> https://lists.sourceforge.net/lists/listinfo/mod-security-users
>> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
>> http://www.modsecurity.org/projects/commercial/rules/
>> http://www.modsecurity.org/projects/commercial/support/
>>
>>
>>
>
>
|
