nginx Digest, Vol 157, Issue 12 / ModSecurity/
Reinis Rozitis
r at roze.lv
Sat Nov 12 11:23:13 UTC 2022
> Just curious. I though the WAF and ModSecurity was only available with
NGINX Plus on a paid subscription basis ?
You can compile the module yourself (either dynamically or inside nginx
binary) also on the community version.
https://github.com/SpiderLabs/ModSecurity-nginx/releases
> Is it possible to implement that without a paid subscription if one is
willing and able to compile and configure it on their own ?
Yes.
> What about using it with something like OpenResty ?
I imagine that there shouldn't be any problems loading the modsecurity
plugin if you have it compiled on the same core version (if you use prebuilt
Openresty packages).
rr
More information about the nginx
mailing list