[英]Are there any versions of ModSecurity that work well with supported versions of Nginx?
I'm trying to build Nginx and ModSecurity together in order to use the OWASP- Core Rule Set Project . 我正在尝试一起构建Nginx和ModSecurity以使用OWASP-核心规则集项目 。
According to the modsecurity download page, the latest version of modsecurity (2.9.1) is not currently stable when used with nginx. 根据modsecurity下载页面,当与nginx一起使用时,最新版本的modsecurity(2.9.1)目前不稳定。 This is consistent with my experience (not working properly on either Nginx 1.8.x or 1.9.x). 这符合我的经验(在Nginx 1.8.x或1.9.x上无法正常工作)。 I've also tried the nginx_refactoring
branch of ModSecurity, but that's non-functional too, and hasn't seen a commit in nearly 2 years anyway. 我也尝试过ModSecurity的nginx_refactoring
分支,但这也是非功能性的,并且在近两年内还没有看到提交。
I know there is a new version of modsecurity coming up (libmodsecurity), but that isn't ready yet. 我知道有一个新版本的modsecurity即将出现(libmodsecurity),但还没有准备好。
Is there any combination of ModSecurity and a supported version of Nginx that is known to be working? 是否有任何ModSecurity和已知支持的Nginx版本的组合?
Now is working, basically you need: 现在正在工作,基本上你需要:
This would work 这会奏效
https://www.howtoforge.com/tutorial/nginx-with-libmodsecurity-and-owasp-modsecurity-core-rule-set-on-ubuntu-1604/ https://www.howtoforge.com/tutorial/nginx-with-libmodsecurity-and-owasp-modsecurity-core-rule-set-on-ubuntu-1604/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.