nginx modsecurity on Debian 8

Thierry lenaigst at maelenn.org
Wed Dec 23 12:44:46 UTC 2015


What I have ...
Could you please explain to me what do I have to do ? I do not understand ...
Sorry

nginx version: nginx/1.6.2
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt=-Wl,-z,relro --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_addition_module --with-http_dav_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_spdy_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module --add-module=/tmp/buildd/nginx-1.6.2/debian/modules/nginx-auth-pam --add-module=/tmp/buildd/nginx-1.6.2/debian/modules/nginx-dav-ext-module --add-module=/tmp/buildd/nginx-1.6.2/debian/modules/nginx-echo --add-module=/tmp/buildd/nginx-1.6.2/debian/modules/nginx-upstream-fair --add-module=/tmp/buildd/nginx-1.6.2/debian/modules/ngx_http_substitutions_filter_module

> nginx -V will show configure arguments. You need to add mod_sec at
> the beginning of whatever is in there. 




> On Wed, Dec 23, 2015 at 5:51 PM, Thierry <lenaigst at maelenn.org> wrote:

> Hi,
>  
>  A bit lost ...
>  I know nothing concerning nginx, I am more confortable with Apache2.
>  I am using an email server who is using nginx on debian 8.
>  I would need to install modsecurity as module.
>  I have understood that I need to compile from the working directory of
>  nginx ....
>  
>  ./configure --add-module=/opt/ModSecurity-nginx
>  
>  But how to deal with it if nginx as been installed from binary (debian
>  package) ?
>  
>  I have followed these instructions:
>  
>   $ sudo dnf install gcc-c++ flex bison curl-devel curl yajl yajl-devel GeoIP-devel doxygen
>  $ cd /opt/
>  $ git clone https://github.com/SpiderLabs/ModSecurity
>  $ cd ModSecurity
>  $ git checkout libmodsecurity
>  $ sh build.sh
>  $ ./configure
>  $ make
>  $ make install
>  $ cd /opt/
>  $ git clone https://github.com/SpiderLabs/ModSecurity-nginx
>  $ cd /opt/Modsecurity-nginx
>  $ git checkout experimental
>  $ cd /opt/
>  *******************************************************************
>  $ wget http://nginx.org/download/nginx-1.9.2.tar.gz
>  $ tar -xvzf nginx-1.9.2.tar.gz
>  $ yum install zlib-devel
>  *******************************************************************
>  $ ./configure --add-module=/opt/ModSecurity-nginx
>  
>  
>  
>  Everything went fine until the last ./configure ....
>  I  didn't  apply  what's  between  " *** " because my nginx server is
>  already installed and working.
>  
>  Any ideas ?
>  
>  Thx
>  --
>  Cordialement,
>   Thierry                          e-mail : lenaigst at maelenn.org
>  
>  _______________________________________________
>  nginx mailing list
>  nginx at nginx.org
>  http://mailman.nginx.org/mailman/listinfo/nginx
>  








More information about the nginx mailing list