Re: [mod-security-users] modsecurity 3 rpms for nginx (centos, aws linux)
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] modsecurity 3 rpms for nginx (centos, aws linux)
|
From: Victor H. <vic...@gm...> - 2018-12-14 16:36:21
|
hummm, I was looking into Atomicorp repo <https://www6.atomicorp.com/channels/ossec/redhat/7/x86_64/RPMS/> and it seems like all of their libModSecurity packages are from earlier this year, either based of 3.0.0 or 3.0.2. I would recommend using 3.0.3. Seems like Arch Linux <https://archlinux.pkgs.org/rolling/archlinux-community-x86_64/libmodsecurity-1:3.0.3-1-x86_64.pkg.tar.xz.html> and Slackware <https://slackware.pkgs.org/14.2/slackers/libmodsecurity-3.0.3-x86_64-1cf.txz.html> have 3.0.3 on their repos. Using their spec files might help out people wishing to build their own packages or for other distros to adopt. If you want to share your "recipe" or spec files, we could add them to the Compilation-recipes-for-v3.x <https://github.com/SpiderLabs/ModSecurity/wiki/Compilation-recipes-for-v3.x> until we have a dedicated wiki page for packages or something like that :) Cheers On Fri, Dec 14, 2018 at 11:17 AM Eero Volotinen <eer...@ik...> wrote: > Hi Victor, > > Atomic Corp repo contains libmodsecurity 3.x.x and apache modsecurity > module for rhel 7 / centos 7 > > Anyway. Looks like there is not much nginx modsecurity available.. so I > have spec files and compilation > instructions for Amazon Linux 2 (libmodsecurity 3+nginx modsecurity 3 > module) and for Centos 7 too. > > I can provide these files, if someone is intrested? > > Eero > > Eero > > On Fri, Dec 14, 2018 at 6:02 PM Victor Hora <vic...@gm...> > wrote: > >> Hi guys, >> >> There's a few libModSecurity packages for RPM and apt/dpkg based distros >> available. See this comment here: >> >> >> https://github.com/SpiderLabs/ModSecurity/issues/1981#issuecomment-446014441 >> >> Regardless, if any of you get packages inside distros, let us know and we >> will happily add references to them either on www.modsecurity.org and/or >> github.com/SpiderLabs/ModSecurity/wiki :) >> >> Cheers >> >> On Thu, Dec 13, 2018 at 3:33 AM Eero Volotinen <eer...@ik...> >> wrote: >> >>> Hi, >>> >>> I already generated packages for aws linux and centos 7 (nginx only as >>> apache version is available from atomic repo) >>> >>> Some (all? of packagers are not giving these out for free), but I am >>> planning to release them as GPL. >>> >>> Eero >>> >>> On Thu, Dec 13, 2018 at 9:24 AM Ervin Hegedüs <ai...@gm...> wrote: >>> >>>> Hi Eero, >>>> >>>> On Thu, Dec 13, 2018 at 07:27:30AM +0200, Eero Volotinen wrote: >>>> > Hi List, >>>> > >>>> > Is there place were I can distribute instructions for rpms generation >>>> and >>>> > binaries? >>>> >>>> I think there is a better place: >>>> >>>> https://sourceforge.net/p/mod-security/mailman/mod-security-packagers/ >>>> >>>> > Looks like there is not much nginx modsecurity binaries available for >>>> free.. >>>> >>>> @agi and me have successfully created the modsecurity package for >>>> Debian (a couple of days ago). If you think, you can find some >>>> help there: >>>> >>>> https://salsa.debian.org/agi/modsecurity/tree/upstream_3.0.3 >>>> >>>> https://buildd.debian.org/status/logs.php?pkg=modsecurity&ver=3.0.3-1&suite=sid >>>> >>>> (The builded package isnt't part of Debian, but I hope it will be >>>> soon.) >>>> >>>> I think you have to do it first (libmodsecurity), and then you >>>> can do the others (Apache, nGinx...) >>>> >>>> If you have any question, just let me know. >>>> >>>> >>>> a. >>>> >>>> >>>> >>>> _______________________________________________ >>>> mod-security-users mailing list >>>> mod...@li... >>>> https://lists.sourceforge.net/lists/listinfo/mod-security-users >>>> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: >>>> http://www.modsecurity.org/projects/commercial/rules/ >>>> http://www.modsecurity.org/projects/commercial/support/ >>>> >>> _______________________________________________ >>> mod-security-users mailing list >>> mod...@li... >>> https://lists.sourceforge.net/lists/listinfo/mod-security-users >>> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: >>> http://www.modsecurity.org/projects/commercial/rules/ >>> http://www.modsecurity.org/projects/commercial/support/ >>> >> >> >> -- >> - >> Victor Ribeiro Hora >> > -- - Victor Ribeiro Hora |
