“Web applications – yours, mine, everyone’s – are terribly insecure on average. We struggle to keep up with the security issues and need any help we can get to secure them.” – Ivan Ristić, creator of ModSecurity
Today I wanna show you how to install Modsecurity on CentOS 7 and then how to configure it on NGINX .
1.First we should Install dependency and required packages:
# yum install -y autoconf automake build-essential git libcurl4-openssl-dev libgeoip-dev liblmdb-dev libpcre++-dev libtool libxml2-dev libyajl-dev pkgconf wget zlib1g-dev
2.then we should update repository to install NGINX
# yum install https://extras.getpagespeed.com/release-el7-latest.rpm -y
![](https://www.vmehrabi.com/wp-content/uploads/2020/04/image-2.png)
3.Now we start to install NGINX
# yum install nginx
# service nginx start
![](https://www.vmehrabi.com/wp-content/uploads/2020/04/image-12-1024x283.png)
4. In this step we start to install ModSecurity
# yum install nginx-module-security
![](https://www.vmehrabi.com/wp-content/uploads/2020/04/image-4.png)
![](https://www.vmehrabi.com/wp-content/uploads/2020/04/image-6.png)
![](https://www.vmehrabi.com/wp-content/uploads/2019/01/Mod-sec_016-1024x552.jpg)
5.Add the plugin to the nginx configuration file located in /etc/nginx/nginx.conf
load_module modules/ngx_http_modsecurity_module.so;
![](https://www.vmehrabi.com/wp-content/uploads/2020/04/image-7.png)
6. Create a file in /etc/nginx/modsec/main.conf and add following text
This is a simple test for droping a request
# From https://github.com/SpiderLabs/ModSecurity/blob/master/
# modsecurity.conf-recommended
#
# Edit to set SecRuleEngine On
Include "/etc/nginx/modsecurity.conf"
# Basic test rule
SecRule ARGS:testparam "@contains test" "id:1234,deny,status:403"
![](https://www.vmehrabi.com/wp-content/uploads/2020/04/image-8.png)
7. Add following configuration into website configuration file located in /etc/nginx/conf.d/ and in server section
server {
# ...
modsecurity on;
modsecurity_rules_file /etc/nginx/modsec/main.conf;
}
![](https://www.vmehrabi.com/wp-content/uploads/2020/04/image.png)
8.Now you can restart NGINX and test ModSecurity with a simple injection query
# service nginx restart
# curl localhost?testparam=test
![](https://www.vmehrabi.com/wp-content/uploads/2020/04/image-9.png)
![](https://www.vmehrabi.com/wp-content/uploads/2020/04/image-10.png)