Install Nginx ModSecurity on CentOS 7

ModSecurity is a Web Application Firewall that protects your website from hacking attacks. It is Open Source and free to use. It can be used with webservers like Apache, Nginx, and IIS. To install ModSecurity with Nginx, we need to compile the ModSecurity Nginx module and activate it in the Nginx configuration file.

Install the compilers and libraries needed for building the source code.

Install dependency

Download and install ModSecurity

Clone ModSecurity-nginx repository. This contains Nginx ModSecurity module source code.

We need to download the source code for the version of Nginx you are running now. For this, check Nginx version with the command

In this case, we use Nginx 1.20.1, go to http://nginx.org/en/download.html and download the source code for Nginx version you are using.

Find out the configure command used to compile nginx.

You can see configure arguments on the last line, we need to use these arguments when we compile Nginx from source code.

Run

In the above, we added –add-dynamic-module=../ModSecurity-nginx at end of the configure command to compile the Nginx module.

To build Nginx modules, run

Once the module is built, copy it to /etc/nginx/modules

Copy ModSecurity configuration files

Enable ModSecurity

To load ModSecurity module, edit file

Find

Add below

Edit your server config (virtual host entry), add

Install ModSecurity Rules

You can download ModSecurity rules from

https://coreruleset.org

At the time of writing this, the latest version is v3.3.2. So let’s download and install it.

To activate the rule, edit the file

At end of the file, add

Restart Nginx

To verify ModSecurity is working, access your website URL with

You will see 403 Forbidden error.

See ModSecurity Web Application Firewall, Nginx

Leave a Reply

Your email address will not be published. Required fields are marked *