NGINX 1.13.5 with Web Application Firewall (WAF) released

Atomicorp announcements, new release notifications and other company and product news.
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8349
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

NGINX 1.13.5 with Web Application Firewall (WAF) released

Unread post by scott »

This release implements the libmodsecurity v3 WAF as a DSO (Dynamic Shared Object) in the popular Nginx web server. Unlike previous iterations that required a full recompile of nginx, this iteration allows an external module to be added through a simple config file change.


Please note that libmodsecurity v3 is under heavy development, and does not have feature parity with mod_security 2.9 at this time. The dedicated nginx-waf rule repository is available at:

http://updates.atomicorp.com/channels/r ... inx-latest


Supported Platforms:

Centos / Redhat / Cloudlinux 7
Fedora 24-26

Installation:

1) add the atomic repository

wget -q -O - https://updates.atomicorp.com/installers/atomic |sh

2) Install / upgrade nginx 1.13.x and nginx-module-modsecurity

yum install nginx nginx-module-modsecurity

3) Download the latest ruleset from: https://updates.atomicorp.com/channels/ ... inx-latest

4) enable modsecurity in /etc/nginx/nginx.conf

load_module modules/ngx_http_modsecurity_module.so;

5) extract the archive, and copy contents:

tar xvf nginx-waf-201709121114.tar.gz

mkdir -p /etc/httpd/modsecurity.d/

cp rules/* /etc/httpd/modsecurity.d/

cp rules/conf/tortix_waf.conf /etc/httpd/modsecurity.d/

cp rules/conf/00_mod_security.conf /etc/nginx/conf.d/

6) (re)start Nginx

service nginx restart
Post Reply