NGINX ModSecurity WAF

Protect against Layer 7 attacks such as SQLi, XSS, CSRF, LFI, and RFI, with the NGINX ModSecurity WAF dynamic module, supported by NGINX.

The NGINX ModSecurity web application firewall (WAF) is built on ModSecurity 3.0.

Installation Instructions

1. Install the NGINX ModSecurity WAF module.

   For Amazon Linux, CentOS, Oracle Linux, and RHEL:

   $ yum install nginx-plus-module-modsecurity
   

   Note:: ppc64le is currently not supported for Amazon Linux, CentOS, Oracle Linux, and RHEL.

   For Debian and Ubuntu:

   $ apt-get install nginx-plus-module-modsecurity
   

   Note: aarch64 and ppc64le is currently not supported for Ubuntu.

   For SLES:

   $ zypper install nginx-plus-module-modsecurity
   

   For Alpine:

   $ apk add nginx-plus-module-modsecurity
   

2. Put the load_module directive in the top‑level (“main”) context of NGINX Plus configuration file, nginx.conf:

   load_module modules/ngx_http_modsecurity_module.so;
   

3. Perform additional configuration as required by the module.

4. Reload NGINX Plus to enable the module:

   $ nginx -t && nginx -s reload
   

5. Configure the module.

More Info

• ModSecurity Documentation

• NGINX ModSecurity WAF Technical Specifications

• Installing and Configuring NGINX ModSecurity WAF

• Using the ModSecurity Rules from Trustwave SpiderLabs with the NGINX ModSecurity WAF

• Using the OWASP CRS with the NGINX ModSecurity WAF

• NGINX Dynamic Modules