Re: [Mod-security-developers] libmodsec error with nginx
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] libmodsec error with nginx
|
From: Phil D. <ux...@sp...> - 2016-01-18 14:18:51
|
Hello Felipe,
I have updated them but I cannot find the one for specifying the name of the configuration file ?
modsecurity on;
modsecurity_conf modsecurity.conf;
Thanks, Phil
----- On 18 Jan, 2016, at 14:02, Felipe Costa FC...@tr... wrote:
> Hi Phil,
>
> Sorry for the delay. In version 3 we have changed the NGINX configuration
> directives.
> They now have the same shape of the others NGINX configuration directives. There
> are
> some examples here:
>
> https://github.com/SpiderLabs/ModSecurity-nginx/#usage
>
>
>
> Br.,
> Felipe “Zimmerle” Costa
> Security Researcher, SpiderLabs
>
> Trustwave | SMART SECURITY ON DEMAND
> www.trustwave.com <http://www.trustwave.com/>
>
>
>
>
>
>
>
>
>
>
>
> On 1/7/16, 5:03 PM, "Phil Daws" <ux...@sp...> wrote:
>
>>Hello:
>>
>>have built nginx 1.9.9 with libmodsecurity but when I test my config am seeing:
>>
>>nginx: [emerg] unknown directive "ModSecurityEnabled"
>>
>>checking the nginx binary it appears to have been compiled correctly:
>>
>>(ngx01)# strings nginx | grep -i modsec
>>libmodsecurity.so.3
>>/usr/local/modsecurity/lib
>>configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx
>>--conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log
>>--http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid
>>--lock-path=/var/run/nginx.lock
>>--http-client-body-temp-path=/var/cache/nginx/client_temp
>>--http-proxy-temp-path=/var/cache/nginx/proxy_temp
>>--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp
>>--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp
>>--http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx
>>--add-module=./ngx_pagespeed-release-1.10.33.2-beta
>>--add-module=./ModSecurity-nginx --with-http_ssl_module --with-http_v2_module
>>--with-http_realip_module --with-http_addition_module --with-http_sub_module
>>--with-http_dav_module --with-http_flv_module --with-http_mp4_module
>>--with-http_gunzip_module --with-http_gzip_static_module
>>--with-http_random_index_module --with-http_secure_link_module
>>--with-http_stub_status_module --with-http_auth_request_module --with-mail
>>--with-mail_ssl_module --with-file-aio --with-ipv6 --with-cc-opt='-O2 -g -pipe
>>-Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong
>>--param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic'
>>modsecurity
>>modsecurity_rules_file
>>modsecurity_rules_remote
>>modsecurity_rules
>>ModSecurity-nginx v0.0.2-alpha
>>
>>Has a configuration option changed at all ?
>>
>>Thanks, Phil
>>
>>
>>
>>------------------------------------------------------------------------------
>>_______________________________________________
>>mod-security-developers mailing list
>>mod...@li...
>>http://scanmail.trustwave.com/?c=4062&d=s8SO1sZYaea2_QUHlfDp8dwbFwFpUYwV2-QGDhkluw&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
>>ModSecurity Services from Trustwave's SpiderLabs:
>>https://www.trustwave.com/spiderLabs.php
>
> ________________________________
>
> This transmission may contain information that is privileged, confidential,
> and/or exempt from disclosure under applicable law. If you are not the intended
> recipient, you are hereby notified that any disclosure, copying, distribution,
> or use of the information contained herein (including any reliance thereon) is
> strictly prohibited. If you received this transmission in error, please
> immediately contact the sender and destroy the material in its entirety,
> whether in electronic or hard copy format.
|
