09-22-2020, 04:40 PM
####################################################################################################
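# Refresh installed packages and install yum-utils, which provides the
# yum-config-manager command used further down.
sudo yum update
sudo yum install yum-utils
####################################################################################################
## Installing normal Nginx
# Create the repository definition by hand; the listing below is the content
# to paste into the file.
sudo vim /etc/yum.repos.d/nginx.repo
# Reference listing only. ':' must be a word of its own for the shell to treat
# what follows as ignored input, so the listing is a quoted here-document fed
# to the no-op ':' (the quoted delimiter also stops $releasever/$basearch from
# being expanded by the shell).
# baseurl is plain http, so gpgcheck=1 together with the https gpgkey is what
# authenticates the packages: keep gpgcheck enabled.
: <<'NGINX_REPO'
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
NGINX_REPO
# Prefer the mainline repository, then install the packaged nginx.
sudo yum-config-manager --enable nginx-mainline
sudo yum install nginx -y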
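# Edit the main nginx configuration; the listing below shows the finished file.
sudo vim /etc/nginx/nginx.conf
# Reference listing only, passed to the no-op ':' as a quoted here-document.
# The log_format lines contain single quotes and $variables, so wrapping the
# listing in a single-quoted string would end the string early and let the
# shell interpret the rest.
# NOTE: add the load_module, modsecurity and modsecurity_rules_file lines only
# once ngx_http_modsecurity_module.so has been built and
# /etc/nginx/modsec/main.conf exists; until then 'nginx -t' fails on them.
: <<'NGINX_CONF'
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
load_module modules/ngx_http_modsecurity_module.so;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
modsecurity on;
modsecurity_rules_file /etc/nginx/modsec/main.conf;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
NGINX_CONF
# Validate the configuration before starting the service and enabling it at boot.
sudo nginx -t
sudo systemctl start nginx
sudo systemctl enable nginx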
####################################################################################################
## Installing Mod Security
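# Toolchain and development headers used to compile libmodsecurity.
sudo yum groupinstall 'Development tools' -y
sudo yum install autoconf automake bzip2 flex gcc git httpd-devel libaio-devel libass-devel libjpeg-turbo-devel libpng12-devel libtheora-devel libtool libva-devel libvdpau-devel libvorbis-devel libxml2-devel libxslt-devel perl texi2html unzip zip openssl openssl-devel geoip geoip-devel -y
# cd is a shell builtin: run through sudo it cannot change this shell's working
# directory. The clone target is therefore an absolute path and cd runs directly.
# NOTE(review): this builds whatever the tip of the v3/master branch is at
# clone time; for a reproducible build, check out a release tag you have reviewed.
sudo git clone --depth 1 -b v3/master --single-branch https://github.com/SpiderLabs/ModSecurity /opt/ModSecurity
cd /opt/ModSecurity || exit 1
sudo git submodule init
sudo git submodule update
# The checkout is root-owned after the clone above, hence sudo on the build steps.
sudo ./build.sh
sudo ./configure
# Each command needs its own sudo; with 'sudo make && make install' the
# install step runs as the invoking user.
sudo make
# Run the test suite before the library is installed system-wide.
sudo make check
sudo make install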
####################################################################################################
## Installing Nginx and Mod Security Connector
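# Build the ModSecurity connector as a dynamic module for the installed nginx.
# cd is a shell builtin, so it is run directly rather than through sudo, and
# paths that must not depend on the working directory are absolute.
sudo git clone --depth 1 https://github.com/SpiderLabs/ModSecurity-nginx.git /opt/ModSecurity-nginx
# A --with-compat module has to be built from the same nginx version that is
# installed: set nginx_version to what 'nginx -v' prints.
nginx -v
nginx_version=1.19.2
cd /opt || exit 1
# Fetch over HTTPS: this source is compiled into a module that nginx loads.
sudo wget "https://nginx.org/download/nginx-${nginx_version}.tar.gz"
# nginx.org publishes a detached PGP signature next to each tarball. Import the
# nginx signing keys first; the build stops here if verification fails.
sudo wget "https://nginx.org/download/nginx-${nginx_version}.tar.gz.asc"
gpg --verify "nginx-${nginx_version}.tar.gz.asc" "nginx-${nginx_version}.tar.gz" || exit 1
sudo tar zxvf "nginx-${nginx_version}.tar.gz"
cd "nginx-${nginx_version}" || exit 1
sudo ./configure --with-compat --add-dynamic-module=../ModSecurity-nginx
sudo make modules
sudo cp objs/ngx_http_modsecurity_module.so /etc/nginx/modules
# Presumably the edit that adds the load_module line to nginx.conf.
sudo vim /etc/nginx/nginx.conf
sudo mkdir -p /etc/nginx/modsec
# Take the recommended configuration and unicode.mapping from the ModSecurity
# checkout in /opt, so they match the library that was built and need no
# second download.
sudo cp /opt/ModSecurity/modsecurity.conf-recommended /etc/nginx/modsec/modsecurity.conf
sudo cp /opt/ModSecurity/unicode.mapping /etc/nginx/modsec
# Switches the engine from DetectionOnly (log only) to On (blocking). Requests
# matching a rule are rejected from the next reload onward, so review the audit
# log for false positives when enabling this on a site with real traffic.
sudo sed -i 's/SecRuleEngine DetectionOnly/SecRuleEngine On/' /etc/nginx/modsec/modsecurity.conf
sudo vim /etc/nginx/modsec/main.conf
# Reference content for main.conf, passed to the no-op ':' as a quoted
# here-document so the shell ignores it.
: <<'MAIN_CONF'
# From https://github.com/SpiderLabs/ModSecurity/blob/master/
# modsecurity.conf-recommended
#
# Edit to set SecRuleEngine On
Include "/etc/nginx/modsec/modsecurity.conf"
# Basic test rule
SecRule ARGS:testparam "@contains test" "id:1234,deny,status:403"
MAIN_CONF
# Presumably the edit that adds 'modsecurity on;' and modsecurity_rules_file.
sudo vim /etc/nginx/nginx.conf
# Validate, then reload so the module and the test rule are active.
sudo nginx -t && sudo nginx -s reload
# Expect 403 from the test rule. The URL is quoted so '?' is not treated as a
# glob, and curl needs no root privileges.
curl -i 'http://localhost/?testparam=test'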
####################################################################################################
#### Install Mod Security Core Rule Sets
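# cd is a shell builtin, so it is run directly rather than through sudo.
cd /opt || exit 1
# NOTE(review): the download link is truncated on the page; this URL is
# reconstructed from the archive name (v3.0.2.tar.gz) and the extracted
# directory name (owasp-modsecurity-crs-3.0.2) - confirm it before use.
# The page gives no checksum; compare the archive against one obtained from
# the project before unpacking. v3.0.2 is the release the page uses; check
# whether the project has a newer supported release.
sudo wget https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/v3.0.2.tar.gz
sudo tar -xzvf v3.0.2.tar.gz
sudo mv owasp-modsecurity-crs-3.0.2 /opt/ModSecCore
cd /opt/ModSecCore || exit 1
sudo cp crs-setup.conf.example crs-setup.conf
# Presumably the edit that adds Include lines for /opt/ModSecCore/crs-setup.conf
# and the rule files - the page does not show the resulting content.
sudo vim /etc/nginx/modsec/main.conf
# Reload only when the configuration test passes.
sudo nginx -t && sudo nginx -s reload
# Send the test request first, then show the newest audit-log entries; a
# 'tail -f' placed before the request never returns. To watch the log live,
# run 'sudo tail -f /var/log/modsec_audit.log' in a second terminal.
curl -i 'http://localhost/?testparam=test'
sudo tail -n 50 /var/log/modsec_audit.log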
####################################################################################################
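# Refresh installed packages and install yum-utils, which provides the
# yum-config-manager command used further down.
sudo yum update
sudo yum install yum-utils
####################################################################################################
## Installing normal Nginx
# Create the repository definition by hand; the listing below is the content
# to paste into the file.
sudo vim /etc/yum.repos.d/nginx.repo
# Reference listing only. ':' must be a word of its own for the shell to treat
# what follows as ignored input, so the listing is a quoted here-document fed
# to the no-op ':' (the quoted delimiter also stops $releasever/$basearch from
# being expanded by the shell).
# baseurl is plain http, so gpgcheck=1 together with the https gpgkey is what
# authenticates the packages: keep gpgcheck enabled.
: <<'NGINX_REPO'
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
NGINX_REPO
# Prefer the mainline repository, then install the packaged nginx.
sudo yum-config-manager --enable nginx-mainline
sudo yum install nginx -y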
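# Edit the main nginx configuration; the listing below shows the finished file.
sudo vim /etc/nginx/nginx.conf
# Reference listing only, passed to the no-op ':' as a quoted here-document.
# The log_format lines contain single quotes and $variables, so wrapping the
# listing in a single-quoted string would end the string early and let the
# shell interpret the rest.
# NOTE: add the load_module, modsecurity and modsecurity_rules_file lines only
# once ngx_http_modsecurity_module.so has been built and
# /etc/nginx/modsec/main.conf exists; until then 'nginx -t' fails on them.
: <<'NGINX_CONF'
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
load_module modules/ngx_http_modsecurity_module.so;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
modsecurity on;
modsecurity_rules_file /etc/nginx/modsec/main.conf;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
NGINX_CONF
# Validate the configuration before starting the service and enabling it at boot.
sudo nginx -t
sudo systemctl start nginx
sudo systemctl enable nginx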
####################################################################################################
## Installing Mod Security
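# Toolchain and development headers used to compile libmodsecurity.
sudo yum groupinstall 'Development tools' -y
sudo yum install autoconf automake bzip2 flex gcc git httpd-devel libaio-devel libass-devel libjpeg-turbo-devel libpng12-devel libtheora-devel libtool libva-devel libvdpau-devel libvorbis-devel libxml2-devel libxslt-devel perl texi2html unzip zip openssl openssl-devel geoip geoip-devel -y
# cd is a shell builtin: run through sudo it cannot change this shell's working
# directory. The clone target is therefore an absolute path and cd runs directly.
# NOTE(review): this builds whatever the tip of the v3/master branch is at
# clone time; for a reproducible build, check out a release tag you have reviewed.
sudo git clone --depth 1 -b v3/master --single-branch https://github.com/SpiderLabs/ModSecurity /opt/ModSecurity
cd /opt/ModSecurity || exit 1
sudo git submodule init
sudo git submodule update
# The checkout is root-owned after the clone above, hence sudo on the build steps.
sudo ./build.sh
sudo ./configure
# Each command needs its own sudo; with 'sudo make && make install' the
# install step runs as the invoking user.
sudo make
# Run the test suite before the library is installed system-wide.
sudo make check
sudo make install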
####################################################################################################
## Installing Nginx and Mod Security Connector
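# Build the ModSecurity connector as a dynamic module for the installed nginx.
# cd is a shell builtin, so it is run directly rather than through sudo, and
# paths that must not depend on the working directory are absolute.
sudo git clone --depth 1 https://github.com/SpiderLabs/ModSecurity-nginx.git /opt/ModSecurity-nginx
# A --with-compat module has to be built from the same nginx version that is
# installed: set nginx_version to what 'nginx -v' prints.
nginx -v
nginx_version=1.19.2
cd /opt || exit 1
# Fetch over HTTPS: this source is compiled into a module that nginx loads.
sudo wget "https://nginx.org/download/nginx-${nginx_version}.tar.gz"
# nginx.org publishes a detached PGP signature next to each tarball. Import the
# nginx signing keys first; the build stops here if verification fails.
sudo wget "https://nginx.org/download/nginx-${nginx_version}.tar.gz.asc"
gpg --verify "nginx-${nginx_version}.tar.gz.asc" "nginx-${nginx_version}.tar.gz" || exit 1
sudo tar zxvf "nginx-${nginx_version}.tar.gz"
cd "nginx-${nginx_version}" || exit 1
sudo ./configure --with-compat --add-dynamic-module=../ModSecurity-nginx
sudo make modules
sudo cp objs/ngx_http_modsecurity_module.so /etc/nginx/modules
# Presumably the edit that adds the load_module line to nginx.conf.
sudo vim /etc/nginx/nginx.conf
sudo mkdir -p /etc/nginx/modsec
# Take the recommended configuration and unicode.mapping from the ModSecurity
# checkout in /opt, so they match the library that was built and need no
# second download.
sudo cp /opt/ModSecurity/modsecurity.conf-recommended /etc/nginx/modsec/modsecurity.conf
sudo cp /opt/ModSecurity/unicode.mapping /etc/nginx/modsec
# Switches the engine from DetectionOnly (log only) to On (blocking). Requests
# matching a rule are rejected from the next reload onward, so review the audit
# log for false positives when enabling this on a site with real traffic.
sudo sed -i 's/SecRuleEngine DetectionOnly/SecRuleEngine On/' /etc/nginx/modsec/modsecurity.conf
sudo vim /etc/nginx/modsec/main.conf
# Reference content for main.conf, passed to the no-op ':' as a quoted
# here-document so the shell ignores it.
: <<'MAIN_CONF'
# From https://github.com/SpiderLabs/ModSecurity/blob/master/
# modsecurity.conf-recommended
#
# Edit to set SecRuleEngine On
Include "/etc/nginx/modsec/modsecurity.conf"
# Basic test rule
SecRule ARGS:testparam "@contains test" "id:1234,deny,status:403"
MAIN_CONF
# Presumably the edit that adds 'modsecurity on;' and modsecurity_rules_file.
sudo vim /etc/nginx/nginx.conf
# Validate, then reload so the module and the test rule are active.
sudo nginx -t && sudo nginx -s reload
# Expect 403 from the test rule. The URL is quoted so '?' is not treated as a
# glob, and curl needs no root privileges.
curl -i 'http://localhost/?testparam=test'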
####################################################################################################
#### Install Mod Security Core Rule Sets
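# cd is a shell builtin, so it is run directly rather than through sudo.
cd /opt || exit 1
# NOTE(review): the download link is truncated on the page; this URL is
# reconstructed from the archive name (v3.0.2.tar.gz) and the extracted
# directory name (owasp-modsecurity-crs-3.0.2) - confirm it before use.
# The page gives no checksum; compare the archive against one obtained from
# the project before unpacking. v3.0.2 is the release the page uses; check
# whether the project has a newer supported release.
sudo wget https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/v3.0.2.tar.gz
sudo tar -xzvf v3.0.2.tar.gz
sudo mv owasp-modsecurity-crs-3.0.2 /opt/ModSecCore
cd /opt/ModSecCore || exit 1
sudo cp crs-setup.conf.example crs-setup.conf
# Presumably the edit that adds Include lines for /opt/ModSecCore/crs-setup.conf
# and the rule files - the page does not show the resulting content.
sudo vim /etc/nginx/modsec/main.conf
# Reload only when the configuration test passes.
sudo nginx -t && sudo nginx -s reload
# Send the test request first, then show the newest audit-log entries; a
# 'tail -f' placed before the request never returns. To watch the log live,
# run 'sudo tail -f /var/log/modsec_audit.log' in a second terminal.
curl -i 'http://localhost/?testparam=test'
sudo tail -n 50 /var/log/modsec_audit.log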
####################################################################################################