设为首页收藏本站
开启辅助访问

ModSecurity 3.x + Nginx 编译安装

 您所在的位置:网站首页 nginx离线安装需要root ModSecurity 3.x + Nginx 编译安装

ModSecurity 3.x + Nginx 编译安装

2024-03-07 01:23| 来源: 网络整理| 查看: 265

文章目录 编译并生成 nginx_modsecurity3 RPM 安装包安装依赖安装 nignx安装 libModSecurity关联 nginx生成 rpm 安装包 安装 nginx 和 nginx_modsecurity3配置 modsecurity下载配置文件配置 modsecurity配置 nginx测试 Platform: Linux 3.10.0-693.el7.x86_64

编译并生成 nginx_modsecurity3 RPM 安装包 安装依赖 yum -y install epel-release yum install -y git rpm-build gperftools-devel openssl-devel pcre-devel zlib-devel GeoIP-devel gd-devel perl-devel libxslt-devel perl-ExtUtils-Embed.noarch gcc gcc-c++ autoconf automake libtool yum -y install yum-utils yajl yajl-devel libcurl libcurl-devel lmdb lmdb-devel ssdeep ssdeep-devel lua lua-devel 安装 nignx yum -y install nginx cd /root/ yumdownloader --source nginx rpm -i nginx-1.16.1-1.el7.src.rpm 当前结果 [root@localhost ~]# ls -l -rw-r--r--. 1 root root 1070280 10月 4 2019 nginx-1.16.1-1.el7.src.rpm drwxr-xr-x. 4 root root 34 5月 19 14:41 rpmbuild 安装 libModSecurity 下载 modsecurity cd /root/ git clone --depth 1 -b v3/master --single-branch https://github.com/SpiderLabs/ModSecurity 安装 modsecurity cd ModSecurity git submodule init git submodule update ./build.sh ./configure --with-lmdb ModSecurity - for Linux Mandatory dependencies + libInjection ....v3.9.2-30-gbf234eb + SecLang tests ....c8cf2c5 Optional dependencies + GeoIP/MaxMind ....found * (GeoIP) v1.5.0 -lGeoIP , -I/usr/include/ + LibCURL ....found v7.29.0 -lcurl , -DWITH_CURL + YAJL ....found v2.0.4 -lyajl , -DWITH_YAJL + LMDB ....disabled + LibXML2 ....found v2.9.1 -lxml2 -lz -lm -ldl, -I/usr/include/libxml2 -DWITH_LIBXML2 + SSDEEP ....found -lfuzzy -L/usr/lib64/, -DWITH_SSDEEP -I/usr/include + LUA ....found v501 -llua-5.1 -L/usr/lib64/, -DWITH_LUA -DWITH_LUA_5_1 -I/usr/include Other Options + Test Utilities ....enabled + SecDebugLog ....enabled + afl fuzzer ....disabled + library examples ....enabled + Building parser ....disabled + Treating pm operations as critical section ....disabled make -j2 make install

当前结果

[root@localhost ~]# ls -l drwxr-xr-x. 14 root root 4096 5月 19 15:01 ModSecurity -rw-r--r--. 1 root root 1070280 10月 4 2019 nginx-1.16.1-1.el7.src.rpm drwxr-xr-x. 4 root root 34 5月 19 14:41 rpmbuild [root@localhost ~]# find . -name libmodsecurity.so* ./ModSecurity/src/.libs/libmodsecurity.so.3.0.4 ./ModSecurity/src/.libs/libmodsecurity.so.3 ./ModSecurity/src/.libs/libmodsecurity.so [root@localhost ~]# 关联 nginx 下载 ModSecurity-nginx cd /root/ git clone https://github.com/SpiderLabs/ModSecurity-nginx.git

当前结果

[root@localhost ~]# ls -l drwxr-xr-x. 14 root root 4096 5月 19 15:01 ModSecurity drwxr-xr-x. 6 root root 192 5月 19 15:14 ModSecurity-nginx -rw-r--r--. 1 root root 1070280 10月 4 2019 nginx-1.16.1-1.el7.src.rpm drwxr-xr-x. 5 root root 47 5月 19 15:30 rpmbuild 解压缩 nginx 源文件 cd /root/ tar zxf ./rpmbuild/SOURCES/nginx-1.16.1.tar.gz

当前结果

[root@localhost ~]# ls -l drwxr-xr-x. 14 root root 4096 5月 19 15:01 ModSecurity drwxr-xr-x. 6 root root 192 5月 19 15:14 ModSecurity-nginx drwxr-xr-x. 9 1001 1001 186 5月 19 15:18 nginx-1.16.1 -rw-r--r--. 1 root root 1070280 10月 4 2019 nginx-1.16.1-1.el7.src.rpm drwxr-xr-x. 5 root root 47 5月 19 15:30 rpmbuild 更新 nginx build string cd /root/nginx-1.16.1/ nginx -V 2>&1 | grep 'configure arguments' | sed "s#configure arguments:#./configure --add-dynamic-module=../ModSecurity-nginx #g" nginx -V 2>&1 | grep 'configure arguments' | sed "s#configure arguments:#./configure --add-dynamic-module=../ModSecurity-nginx #g" |bash make modules

当前结果:

[root@localhost nginx-1.16.1]# find . -name *modsecurity* ./objs/ngx_http_modsecurity_module_modules.c ./objs/addon/src/ngx_http_modsecurity_module.o ./objs/addon/src/ngx_http_modsecurity_pre_access.o ./objs/addon/src/ngx_http_modsecurity_header_filter.o ./objs/addon/src/ngx_http_modsecurity_body_filter.o ./objs/addon/src/ngx_http_modsecurity_log.o ./objs/addon/src/ngx_http_modsecurity_rewrite.o ./objs/ngx_http_modsecurity_module_modules.o ./objs/ngx_http_modsecurity_module.so [root@localhost nginx-1.16.1]# 将生成的 modsecurity 相关文件复制到 rpmbuild 中 cd /root/ mkdir -p ./rpmbuild/BUILD find . -type f -iname 'libmodsecurity.so.3.*' -exec cp {} ./rpmbuild/BUILD \; find . -type f -iname 'ngx_http_modsecurity_module.so' -exec cp {} ./rpmbuild/BUILD \;

当前结果:

[root@localhost ~]# ls rpmbuild/BUILD/ -l 总用量 43780 -rwxr-xr-x. 1 root root 44442616 5月 19 15:49 libmodsecurity.so.3.0.4 -rwxr-xr-x. 1 root root 384824 5月 19 15:49 ngx_http_modsecurity_module.so [root@localhost ~]# 生成 rpm 安装包 vi /root/rpmbuild/SPECS/nginx-modsecurity.spec Name: nginx-modsecurity3-centos7 Version: 3.0.4 Release: 1 Group: Applications/System BuildArch: x86_64 Summary: modsecurity for nginx License: GPL %description Brief description of software package. Provides: libmodsecurity.so.3 nginx-modsecurity %prep %build %install mkdir -p %{buildroot}/opt/modsecurity cp libmodsecurity.so.3.0.4 %buildroot/opt/modsecurity cp ngx_http_modsecurity_module.so %buildroot/opt/modsecurity %post echo 'load_module "/usr/lib64/nginx/modules/ngx_http_modsecurity_module.so";' > /usr/share/nginx/modules/mod-modsecurity.conf ln -sf /opt/modsecurity/ngx_http_modsecurity_module.so /usr/lib64/nginx/modules/ngx_http_modsecurity_module.so cat > /etc/ld.so.conf.d/modsecurity.conf


【本文地址】


今日新闻

推荐新闻

CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3