ModSecurity开源WAF部署

  sre


先安装nginx

yum安装nginx-mainline

epel

# Enable the EPEL repository first; the dependency list that follows appears to
# rely on it for packages such as ssdeep and lmdb (verify on your release).
yum -y install epel-release

依赖

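# Build dependencies for libmodsecurity on a yum-based system.
# The original one-line list also carried Debian/Ubuntu package names
# (apt-utils, build-essential, lib*-dev, zlib1g-dev, and a misspelled
# "ibpcre++-dev") plus duplicates; yum cannot resolve those names, so only
# the RPM names are kept. "make" is listed explicitly because the build steps
# on this page call it and build-essential (which would provide it on Debian)
# is not available here.
# NOTE(review): pkgconf may be packaged as "pkgconfig" on older releases - confirm.
yum install -y \
  gcc-c++ make flex bison autoconf automake libtool pkgconf git wget doxygen \
  yajl yajl-devel curl curl-devel GeoIP-devel zlib-devel pcre pcre-devel \
  libxml2 libxml2-devel lmdb-devel ssdeep-devel ssdeep-libs libmaxminddb-devel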

编译ModSecurity库

# Shallow, single-branch clone of the current tip of v3/master.
# NOTE(review): a branch tip moves over time; for a reproducible WAF build,
# check out a reviewed release tag instead (e.g. -b <RELEASE_TAG>).
git clone --depth 1 --single-branch -b v3/master https://github.com/SpiderLabs/ModSecurity
cd ModSecurity
# Register and fetch the submodules in a single step.
git submodule update --init
# Generate the configure script, configure with defaults, build with 8
# parallel jobs, then install (the install step needs root).
./build.sh
./configure
make -j8
make install

nginx连接器:

# Keep the connector source under /root: the nginx module build on this page
# passes /root/ModSecurity-nginx to --add-dynamic-module, so the paths must agree.
cd /root
git clone --depth=1 https://github.com/SpiderLabs/ModSecurity-nginx.git

查看已安装的nginx版本(下面下载的nginx源码版本必须与它完全一致,否则编译出的动态模块无法加载)

[root@localhost ModSecurity-nginx]# nginx -v
nginx version: nginx/1.18.0

编译模块:

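# Download the nginx source that matches the installed binary (1.18.0 per
# `nginx -v`). The tarball is compiled and its output loaded into nginx as
# root, so fetch it over HTTPS rather than plain HTTP and check the detached
# PGP signature before unpacking.
wget https://nginx.org/download/nginx-1.18.0.tar.gz
wget https://nginx.org/download/nginx-1.18.0.tar.gz.asc
# Requires the nginx signing key to be imported beforehand
# (keys are published at https://nginx.org/en/pgp_keys.html).
# Stop here if gpg does not report a good signature.
gpg --verify nginx-1.18.0.tar.gz.asc nginx-1.18.0.tar.gz
tar zxvf nginx-1.18.0.tar.gz
cd nginx-1.18.0
# --with-compat builds the module for binary compatibility with the packaged
# nginx; only the dynamic module is built, nginx itself is not reinstalled.
./configure --with-compat --add-dynamic-module=/root/ModSecurity-nginx
make modules
cp objs/ngx_http_modsecurity_module.so /etc/nginx/modules/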

将load_module指令添加到/etc/nginx/nginx.conf的main上下文(文件最顶层,位于events、http等块之外):

[root@localhost nginx-1.18.0]# head /etc/nginx/nginx.conf
load_module modules/ngx_http_modsecurity_module.so;
user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;

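测试

注意:nginx -t 只验证配置语法以及模块能否加载,并不代表WAF已经生效。要真正启用检测,还需要在 http、server 或 location 中加入 modsecurity on; 并通过 modsecurity_rules_file 指定规则文件;ModSecurity 自带的 modsecurity.conf-recommended 默认是 SecRuleEngine DetectionOnly(只记录不拦截),需要改为 On 才会拦截请求。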

[root@localhost nginx-1.18.0]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
