Modsecurity protects websites from malicious attacks and security threats. Here’s how to install and configure modsecurity in NGINX.
How to install modsecurity in NGINX
Here are the steps to install and setup modsecurity in NGINX. Please note, if you need to install modsecurity, you need to compile it with NGINX source code.
1. Install Prerequisites
Open terminal and run the following command to install prerequisites for modsecurity
CentOS/Redhat
#yum groupinstall -y "Development Tools" #yum install -y httpd httpd-devel pcre pcre-devel libxml2 libxml2-devel curl curl-devel openssl openssl-devel
Debian/Ubuntu
$ sudo apt-get install -y git build-essential libpcre3 libpcre3-dev libssl-dev libtool autoconf apache2-dev libxml2-dev libcurl4-openssl-dev automake pkgconf
Bonus Read : How to Enable NGINX status page
2. Download NGINX and Modsecurity
Download NGINX and modsecurity with following commands. Update the NGINX version as per your requirement
$ wget http://nginx.org/download/nginx-1.9.15.tar.gz $ gunzip -c nginx-1.9.15.tar.gz | tar xvf –
You will see a new folder nginx-1.9.15 created.
$ wget https://www.modsecurity.org/tarball/2.9.1/modsecurity-2.9.1.tar.gz $ gunzip -c modsecurity-2.9.1.tar.gz | tar xvf –
You will see a new folder modsecurity-2.9.1 created.
Bonus Read : How to Install Varnish in NGINX
3. Install NGINX with Modsecurity
Run the following commands to compile modsecurity
$ cd modsecurity-2.9.1 $ ./configure --enable-standalone-module $ make
Run the following commands to compile and install NGINX with modsecurity.
$ cd nginx-1.9.15 $ ./configure --add-module=../modsecurity-2.9.1/nginx/modsecurity $ make $ make install
This will install NGINX with modsecurity.
Bonus Read : Step by Step NGINX SSL configuration
4. Configure modsecurity
First, we need to copy 2 modsecurity configuration files modsecurity.conf-recommended and unicode.mapping to the same folder as our nginx.conf file (e.g /usr/local/nginx/conf).
You will find these 2 files in modsecurity folder that was created in step 2. Run the following commands to copy the 2 configuration files. Replace the folder path below as per your requirement. For our example, let us say our folder was created in /home/
$ cp /home/modsecurity-2.9.1/modsecurity.conf-recommended /usr/local/nginx/conf/ $ cp /home/modsecurity-2.9.1/unicode.mapping /usr/local/nginx/conf/
We will also rename modsecurity.conf-recommended to modsecurity.conf
$ mv /usr/local/nginx/conf/modsecurity.conf-recommended /usr/local/nginx/conf/modsecurity.conf
Open nginx.conf file and add the following lines to location / block
ModSecurityEnabled on; ModSecurityConfig modsecurity.conf;
So your location block will look like
location / {
...
ModSecurityEnabled on;
ModSecurityConfig modsecurity.conf;
}
Bonus Read : How to Prevent Image Hotlinking in NGINX
5. Restart NGINX Server
Run the following command to check syntax of your updated config file.
$ sudo nginx -t
If there are no errors, run the following command to restart NGINX server.
$ sudo service nginx reload #debian/ubuntu $ systemctl restart nginx #redhat/centos
Bonus Read : How to Harden NGINX Server
6. Verify Modsecurity Installation
Run the following command to verify modsecurity installation.
$ nginx -v
If modsecurity is successfully installed and enabled, you will see modsecurity mentioned in the output.
nginx version: nginx/1.9.15 built by gcc 4.4.7 20120313 (Red Hat 4.4.7-16) (GCC) configure arguments: --add-module=../modsecurity-2.9.1/nginx/modsecurity
That’s it! Hopefully, the above tutorial will help you install & configure modsecurity in NGINX.
Ubiq makes it easy to visualize data in minutes, and monitor in real-time dashboards. Try it today!
