Nginx ModSecurity Tutorial | Nginx WAF

27 thoughts on “Nginx ModSecurity Tutorial | Nginx WAF”

• Thank you. This was very helpful.

• Thank you alexis, you make me curious on WAF … 😊

• does it work for ubuntu 22?

• I just realized that *NGINX App Protect Modern WAF and Denial of Service to protect apps and APIs.* is only for nginx plus, so Nginx open source is useless , well If I don't want to pay I will look for other web server but if I have to pay I will choose the best. I don't know if i can trust in spiderlabs. Nginx should remove "nginx open source web server" because it is insecure , I don't recommend it, pay for something good. Thanks for your video.

• E: Unable to locate package libpcre++-dev
  
  E: Couldn't find any package by regex 'libpcre++-dev'
  
  E: Unable to locate package zlibc
  
  E: Unable to locate package libxslt

• how to host a static php website in nginx server

• Excellent! Thank you for the step by step tour!

• just change the SELinux context thats it. No need of Mob Security.

• Lolka

• its very clear guide. Thank you for high quality content

• My only complaint is something this complicated should be automated with an Ansible playbook or Chef cookbook, IMHO

• Hello. Thanks forthe video. I was installing the modsecurity for nginx but I run into trouble. This is the error message i got "adding module in /build/nginx-qDpDX0/nginx-1.18.0/debian/modules/http-geoip2
  ./configure: error: no /build/nginx-qDpDX0/nginx-1.18.0/debian/modules/http-geoip2/config was found"
  Can you help on this. the ubuntu system is 22. and there is no help on this on the internet.

• I have done everything as you have said, but after running the command "sudo nginx -t" to test nginx syntax, it throws an error saying modsecurity_rules_file" directive Rules error. File: /usr/local/modsecurity-crs/rules/REQUEST-922-MULTIPART-ATTACK.conf Then i removed the file and everything worked fine. But it is an important config file why is this happeing.

• Hi i have a question
  What if ubuntu is upgraded / updated , so maybe there can be a higher version of nginx (example 1.25) !
  (can nginx be upgraded if we upgrade Ubuntu version? I don't know this buy the way )
  So we composed module from nginx 1.14 nginx file
  Is tihs make a problem?

• Can please you list the tools you installed post the NGINx install

• Is there some docker version which all tools enabled and still you can check what has been installed with dockerfile or so 🙂

• Perfect ! many thanks to you !

• Can you upload video waf nginx on centOS 8.5 ?

• thank you very much

• How People Get Infected With Malicious Word Document':
  https://www.youtube.com/watch?v=E-Xc_bQyG2c&t=29s

• There is an error in your documentation in the section configure modsecurity. Either the path to copy or config from/to are wrong or you left a step to create the directories. Please, check. Thanks.

• Hi,
  My all 12 cores of my server shoots to 100% usage after turning the Modsecurity On. It works fine after turning it off.
  What is wrong?

• Great video. What are your thoughts on NAXSI? Modsec has a huge performance hit. NAXSI is supposed to be a lot faster

• Thank you from Vietnam.

• Hww k worked

• I am having an error right after I run the step 6. in Building the ModSecurity Module For Nginx section

  adding module in /build/nginx-m1Thpq/nginx-1.14.2/debian/modules/http-auth-pam
  ./configure: error: no /build/nginx-m1Thpq/nginx-1.14.2/debian/modules/http-auth-pam/config was found

• Awesome tutorial – first shot it worked like charm on nginx 1.18 and Ubuntu server 20.04 focal fossa ❤️ love it

Comments are closed.