This release implements the libmodsecurity v3 WAF as a DSO (Dynamic Shared Object) in the popular Nginx web server. Unlike previous iterations that required a full recompile of nginx, this iteration allows an external module to be added through a simple config file change.
Please note that libmodsecurity v3 is under heavy development, and does not have feature parity with mod_security 2.9 at this time. The dedicated nginx-waf rule repository is available at:
http://updates.atomicorp.com/channels/r ... inx-latest
Supported Platforms:
Centos / Redhat / Cloudlinux 7
Fedora 24-26
Installation:
1) add the atomic repository
wget -q -O - https://updates.atomicorp.com/installers/atomic |sh
2) Install / upgrade nginx 1.13.x and nginx-module-modsecurity
yum install nginx nginx-module-modsecurity
3) Download the latest ruleset from: https://updates.atomicorp.com/channels/ ... inx-latest
4) enable modsecurity in /etc/nginx/nginx.conf
load_module modules/ngx_http_modsecurity_module.so;
5) extract the archive, and copy contents:
tar xvf nginx-waf-201709121114.tar.gz
mkdir -p /etc/httpd/modsecurity.d/
cp rules/* /etc/httpd/modsecurity.d/
cp rules/conf/tortix_waf.conf /etc/httpd/modsecurity.d/
cp rules/conf/00_mod_security.conf /etc/nginx/conf.d/
6) (re)start Nginx
service nginx restart