WAF / TWAF issues with PHP-FPM (NGINX)

Customer support forums for Atomic Protector (formerly Atomic Secured Linux). There is no such thing as a bad question here as long as it pertains to using Atomic Protector. Newbies feel free to get help getting started or asking questions that may be obvious. Regular users are asked to be gentle. :-)
imadsani
Forum Regular
Posts: 112
Joined: Mon Sep 16, 2013 10:10 am
Location: Lahore

We've been using ASL on 5 servers for about a year and a half now. About a month and a half ago I found out that ASL was not active on the domains. After a lot of research on the forums and raising tickets it was concluded, by Scott on the forums, that something was missing from my installation of ASL.

Currently we have the servers set up with the following configuration:

• CentOS 6.X 64-bit
• Plesk 12
• PHP 5.4
• NGINX 1.6 (as NON REVERSE PROXY / NON PROXY web server)
• PHP-FPM 5.4.39-45
• Memcached 1.4.22-4
• Varnish 4.0.2-3
• Percona 5.6

Multiple sites are running on the same server, some with dedicated IPs, others on shared IPs.

The problem is WAF isn’t working on any of my sites because of the above configuration. We need to get WAF working with the above configuration as all the sites are open to attacks and all of them are high traffic websites.

Let us know if there is a way out and you can help us restore ASL on all the servers, else we’ll have to look for some other option.
hostingg
Forum User
Posts: 63
Joined: Mon Mar 18, 2013 6:26 pm
Location: Earth

Did you configure the TWAF to sit in front of nginx?
If everything was easy, then the world wouldn't need engineers.
scott
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth

Right, the situation here is that nginx doesn't have a WAF (yet; mod_security support for nginx is still buggy), and you're calling php-fpm directly. You need to put some instance of Apache in this mix to handle the WAF component, either as a proxy before nginx using a T-WAF, or between it and PHP using a downstream instance of Apache.
imadsani

Is it possible to try ModSecurity v2.9? They claim it's a stable release for both Apache and Nginx.
scott

Sure, it will be in the next ASL release: 4.0.11 (Milton)
imadsani

Quick question, nginx -V doesn't show that it has mod_security loaded. How can I load mod_security?

Code:

nginx version: nginx/1.6.0
TLS SNI support enabled
configure arguments: --prefix=/usr/share --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --user=nginx --group=nginx --with-ipv6 --with-file-aio --with-http_ssl_module --with-http_realip_module --with-http_sub_module --with-http_dav_module --with-http_gzip_static_module --with-http_stub_status_module
scott

You need to recompile it with the mod_security library added in.
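
A quick way to confirm whether a given nginx binary was built with a ModSecurity module, as an added example that is not part of the original thread: it parses the `configure arguments` line of `nginx -V` output. The two sample captures and the module path in the second one are constructed for illustration.

```shell
#!/bin/sh
# Added example: report whether an nginx build includes a ModSecurity module.
# Input is the text of `nginx -V`; nginx prints it on stderr, so capture 2>&1.

# Constructed sample, abbreviated from the output posted in this thread.
SAMPLE_WITHOUT='nginx version: nginx/1.6.0
TLS SNI support enabled
configure arguments: --prefix=/usr/share --sbin-path=/usr/sbin/nginx --with-http_ssl_module --with-http_realip_module'

# Constructed sample: same build with a hypothetical module source path added.
SAMPLE_WITH='nginx version: nginx/1.6.0
configure arguments: --prefix=/usr/share --with-http_ssl_module --add-module=/usr/src/modsecurity/nginx/modsecurity'

# Print each third-party module path named on the "configure arguments:" line.
# --add-dynamic-module (used by newer nginx builds) is accepted as well.
list_added_modules() {
    printf '%s\n' "$1" |
        sed -n 's/^configure arguments: *//p' |
        tr ' ' '\n' |
        sed -n 's/^--add\(-dynamic\)\{0,1\}-module=//p'
}

# Exit 0 only if one of those paths names ModSecurity (either spelling).
has_modsecurity() {
    list_added_modules "$1" | grep -qi 'mod_\{0,1\}security'
}

# Human-readable verdict for one `nginx -V` capture.
check_build() {
    if has_modsecurity "$1"; then
        echo "modsecurity: compiled in"
    else
        echo "modsecurity: not compiled in"
    fi
}

check_build "$SAMPLE_WITHOUT"
check_build "$SAMPLE_WITH"
# On a live host: check_build "$(nginx -V 2>&1)"
```

A "not compiled in" result on a host that calls PHP-FPM directly means requests reach PHP without passing through any WAF rules.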
imadsani

Apologies for the noob question. So it's safe to download the source from mod_security's site and compile via its source?