NGINX, Litespeed and IIS rules

Customer support forums for the modsecurity rules feed. There is no such thing as a bad question here as long as it pertains to using the real time modsecurity rules feed. Newbies feel free to get help getting started or asking questions that may be obvious.
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4149
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

NGINX, Litespeed and IIS rules

Unread post by mikeshinn »

Litespeed is supported with our standard rules out of the box. We actually finished this port at the beginning of the year, but since people keep asking I thought we should post something on the forums to help answer that question in the future. Please see the litespeed article for additional information on Litespeed and mosecurity:

https://www.atomicorp.com/wiki/index.php/Litespeed

NGINX and IIS are also supported. NGINX and IIS do not support the same rule syntax that apache supports, and therefore have their own rules (they use the same rules, so there isnt a set for nginx and IIS, its the same set for either one).

You will find those rules under the "experimental" subfolder. These are considered experimental for one reason: mod_security itself on those platforms either has bugs, or is not reliable (read: lots of bugs). This has nothing to do with the rules, mod_security is just less mature on those platforms, and the mod_security ports operate differently than in apache. In some cases, the port isnt working so well. The nginx port is a good example, its got bugs. More on this in a moment.

Therefore, if you are using IIS, we'd consider mod_security to be of release candidate/beta quality. The rules are fine, its the mod_security port we caution our customers to be mindful of. For the most part you should be fine, but there are some bugs in the mod_security port. Its almost there.

For nginx, the mod_security port unfortunately has lots of bugs. Again, this doesnt have anything to do with rules. If someone claims their rules work perfectly with nginx, they arent telling you the truth. The nginx port is a work in progress and is being refactored. We dont recommend using nginx with mod_security for production use at this time unless you are a developer and are prepared to chip in and fix bugs. It absolutely will miss things and does not work as expected. The code is being refactored to address this, so if you must use nginx alone, then you will want to use the latest svn code. Please understand that this code is under development, and should be considered alpha quality.
imadsani
Forum Regular
Forum Regular
Posts: 112
Joined: Mon Sep 16, 2013 10:10 am
Location: Lahore

Re: NGINX, Litespeed and IIS rules

Unread post by imadsani »

Hey,

I can't seem to find the experimental rules sub folder here: https://updates.atomicorp.com/channels/ ... scription/

I tried the testing folder they're aren't there either.

Help please?
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: NGINX, Litespeed and IIS rules

Unread post by scott »

imadsani
Forum Regular
Forum Regular
Posts: 112
Joined: Mon Sep 16, 2013 10:10 am
Location: Lahore

Re: NGINX, Litespeed and IIS rules

Unread post by imadsani »

*embarrassed* yeah, I JUST found that link
Post Reply