How to install and configure ModSecurity on NGINX-CentOS

“Web applications – yours, mine, everyone’s  – are terribly insecure on average. We struggle to keep up with the security issues and need any help we can get to secure them.” – Ivan Ristić, creator of ModSecurity

Today I wanna show you how to install Modsecurity on CentOS 7 and then how to configure it on NGINX .

1.First we should Install dependency and required packages:

# yum install -y autoconf automake build-essential git libcurl4-openssl-dev libgeoip-dev liblmdb-dev libpcre++-dev libtool libxml2-dev libyajl-dev pkgconf wget zlib1g-dev

2.then we should update repository to install NGINX

# yum install -y

3.Now we start to install NGINX

# yum install nginx

# service nginx start

4. In this step we start to install ModSecurity

# yum install nginx-module-security

5.Add the plugin to the nginx configuration file located in /etc/nginx/nginx.conf

load_module modules/;

6. Create a file in /etc/nginx/modsec/main.conf and add following text

This is a simple test for droping a request

# From
# modsecurity.conf-recommended
# Edit to set SecRuleEngine On
Include "/etc/nginx/modsecurity.conf"

# Basic test rule
SecRule ARGS:testparam "@contains test" "id:1234,deny,status:403"

7. Add following configuration into website configuration file located in /etc/nginx/conf.d/ and in server section

server {
    # ...
    modsecurity on;
    modsecurity_rules_file /etc/nginx/modsec/main.conf;

8.Now you can restart NGINX and test ModSecurity with a simple injection query

# service nginx restart
# curl localhost?testparam=test

Leave a Reply

Your email address will not be published. Required fields are marked *

1 + 1 =