堆栈内存溢出
  简体   繁体   English

在NGINX OSS中编译ModSecurity

[英]Compiling ModSecurity in NGINX OSS

 原文  2018-02-10 00:55:28       nginx/ mod-security

问题描述

I am trying to compile ModSecurity for the Nginx OSS web server. 我正在尝试为Nginx OSS Web服务器编译ModSecurity。 I have followed all of the instructions from their "Quick Start Guide", but am running into an issue. 我已经按照他们的“快速入门指南”中的所有说明进行操作,但是遇到了问题。 After linking up the new module, the config test fails. 链接新模块后,配置测试失败。

Error output from /var/log/nginx/error.log is: /var/log/nginx/error.log输出的错误是:

2018/02/10 00:47:51 [emerg] 6026#6026: module "/usr/share/nginx/modules/ngx_http_modsecurity_module.so" is not binary compatible in /etc/nginx/modules-enabled/50-mod-http-modsecurity.conf:1

originally the dynamic module was compiled with 最初,动态模块是使用

sh ./configure --with-compat --add-dynamic-module=../ModSecurity-nginx

but this results in the error. 但这会导致错误。

from what I've read, I need to compile the module with identical options as the existing Nginx instance. 从我的阅读中,我需要使用与现有Nginx实例相同的选项来编译模块。

I found the current options using nginx -V , and then re-ran the ./configure using all of the output options, but this gives the same error. 我使用nginx -V找到了当前选项,然后使用所有输出选项重新运行了./configure ,但这给出了相同的错误。

Can anyone point me down the right path here? 有人可以在这里指出我正确的方向吗?

Thanks for any help. 谢谢你的帮助。

UPDATE 10/29/18 更新10/29/18

It seems the original binary also needs to be compiled with the --with-compat flag. 似乎原始二进制文件也需要使用--with-compat标志进行编译。 I have submitted a bug report on the issue that can be found here: 我已经提交了有关该问题的错误报告,可以在这里找到:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897926 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897926

Maybe it can get some traction. 也许可以得到一些牵引力。

1 个解决方案

解决方案1
 1  2019-04-09 07:16:06

I had a similar issue. 我有一个类似的问题。 I was using Nginx 1.10.3 which is the default for Debian Stretch. 我使用的是Nginx 1.10.3,这是Debian Stretch的默认设置。 This version does not seem to work with the latest Nginx ModSecurity connector. 此版本似乎不适用于最新的Nginx ModSecurity连接器。

I removed the default Nginx version and installed the latest stable Nginx from http://nginx.org/en/linux_packages.html . 我从http://nginx.org/en/linux_packages.html删除了默认的Nginx版本并安装了最新的稳定Nginx。 After that I was able to install and load the ModSecurity module for Nginx without problems. 之后,我能够为Nginx安装并加载ModSecurity模块,而不会出现问题。 I followed this guide: https://www.linuxjournal.com/content/modsecurity-and-nginx for installing the ModSecurity module for Nginx. 我遵循了该指南: https ://www.linuxjournal.com/content/modsecurity-and-nginx,用于为Nginx安装ModSecurity模块。

The latest stable version of Nginx which is 1.14.2 supports the --with-compat flag. Nginx的最新稳定版本为1.14.2,支持--with-compat标志。 When compiling Nginx source code make sure to use the same compiler options that were used with your running Nginx. 编译Nginx源代码时,请确保使用与正在运行的Nginx相同的编译器选项。 To find out which compile time options were used to build your currently running Nginx, run the command: nginx -V 要了解使用哪些编译时选项来构建当前正在运行的Nginx,请运行以下命令: nginx -V

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Nginx 和 ModSecurity - Nginx and ModSecurity Nginx服务器中的Modsecurity WAF - Modsecurity waf in nginx server 在nginx上安装modsecurity - Install modsecurity on nginx Static Nginx 带 Modsecurity - Static Nginx with Modsecurity 编译安装“ModSecurity-Nginx”模块时执行“make”命令出错 - An error occurred while executing the "make" command while compiling and installing the "ModSecurity- Nginx" module 可以在 nginx 上为 windows 安装 modsecurity 吗? - can modsecurity be installed on nginx for windows? 在Nginx上未找到Modsecurity modsecurity.conf推荐的源 - Modsecurity on Nginx modsecurity.conf-recommended Source Not Found 使用NGINX的WAF owasp modsecurity crs中“尚不支持SecCollectionTimeout” - “SecCollectionTimeout is not yet supported” in WAF owasp modsecurity crs with NGINX 是否有任何版本的ModSecurity适用于受支持的Nginx版本? - Are there any versions of ModSecurity that work well with supported versions of Nginx? Nginx从源代码编译 - nginx compiling from source
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM