Help with nginx.conf
noloader at gmail.com
Sat Nov 12 03:48:18 UTC 2022
On Fri, Nov 11, 2022 at 1:43 PM Gus Flowers Starkiller <
relectgustfs at gmail.com> wrote:
> Hi ! Thanks a lot for your explanation ! Well I've installed some Nginx
servers all cases like configured like Proxy Reverse, But, at first I
installed Nginx from pages different from Nginx.org but the source were get
from nginx too (i think) and cases like nginx.conf is happening, different
files with ngonx.org and other sources and for example that directories
like sites-available and sites-enabled are missing after installation:
> e.g. /etc/nginx/sites-available and /etc/nginx/sites-enabled are not in
installation from nginx.org and as you say I could configure them to my own
target, but in these cases I must install Nginx + ModSecurity + OWASP (CRS)
because we must have the most security network with web pages to publicate.
> So, is there any configuration that you could recommend me?
> Another point too, I read the book about Nginx+Modsecurity from these book
> And I couldn't find in which directories of linux is installed Nginx, in
my cases Nginx and OWASP is in /usr/local/src but in the moment where I
must compile Nginx there is error about module
> "./configure: error: ngx_http_modsecurity_module requires the ModSecurity
> Well I hope all these words don't disturb you at all, please sorry and
any word you can tell me about this, I will be so grateful. Thanks a lot,
greetings from Argentina.
One comment about this:
I must install Nginx + ModSecurity + OWASP (CRS) because we
must have the most security network with web pages to
I help run a website and wiki. CRS was too aggressive in practice, and it
broke the wiki. We could not submit page edits. So we used modsecurity, but
we dropped the CRS gear.
Modsecurity alone will still provide basic protections, like MIME types,
some request protections, some header protection, some body protection,
some memory limits, etc. (See /etc/modsecurity/modsecurity.conf for the
Here's what it looks like under Apache:
# cat /etc/apache2/mods-enabled/security2.conf
# Default Debian dir for modsecurity's persistent data
# Include all the *.conf files in /etc/modsecurity.
# Include OWASP ModSecurity CRS rules if installed
# IncludeOptional /usr/share/modsecurity-crs/*.load
I don't think I've ever run ModSecurity with Nginx, so I am not sure what
the configuration would look like.
This does not help you with Nginx, but here are the relevant packages for
# apt-cache search modsecurity
libapache2-mod-security2 - Tighten web applications security for Apache
libmodsecurity-dev - ModSecurity v3 library component (development files)
libmodsecurity3 - ModSecurity v3 library component
modsecurity-crs - OWASP ModSecurity Core Rule Set
'modsecurity-crs' is what we avoided due to the wiki. It is no longer
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nginx