How to Install ModSecurity 3 with Nginx on Ubuntu 22.04

 

 

Introduction

ModSecurity is an open-source web application firewall (WAF) that helps protect web applications from various attacks. In this guide, you will learn how to install ModSecurity 3 with Nginx on Ubuntu 22.04, which can be efficiently hosted on a Windows VPS UK.

Prerequisites

  • An Ubuntu 22.04 server with root access
  • Basic knowledge of Linux commands
  • An active internet connection
  • Nginx installed on your server

Step 1: Update Your System

Start by updating your package index and upgrading existing packages:

sudo apt update && sudo apt upgrade -y

Step 2: Install Required Dependencies

Install the necessary packages:

sudo apt install build-essential git curl libtool libpcre3 libpcre3-dev zlib1g zlib1g-dev libssl-dev -y

Step 3: Install Nginx

If you haven't already installed Nginx, you can do so with the following command:

sudo apt install nginx -y

Start and enable Nginx to run at boot:

sudo systemctl start nginx
sudo systemctl enable nginx

Step 4: Clone the ModSecurity Repository

Clone the ModSecurity 3 GitHub repository:

git clone --depth 1 https://github.com/SpiderLabs/ModSecurity.git

Change into the ModSecurity directory:

cd ModSecurity

Step 5: Compile and Install ModSecurity

Run the following commands to compile and install ModSecurity:

git submodule init
git submodule update
./build.sh
./configure
make
sudo make install

Step 6: Install ModSecurity Nginx Connector

Clone the ModSecurity Nginx connector repository:

git clone --depth 1 https://github.com/SpiderLabs/modsecurity-nginx.git

Change into the connector directory:

cd modsecurity-nginx

Now, you need to compile Nginx with ModSecurity:

sudo apt install nginx-extras -y
sudo apt install libnginx-mod-http-modsecurity -y

Step 7: Configure Nginx to Use ModSecurity

Edit your Nginx configuration file to include ModSecurity:

sudo nano /etc/nginx/nginx.conf

Add the following line inside the http block:

modsecurity on;

And specify the ModSecurity configuration file:

modsecurity_rules_file /etc/nginx/modsec/main.conf;

Step 8: Create the Main Configuration File

Create the ModSecurity configuration file:

sudo mkdir /etc/nginx/modsec
sudo nano /etc/nginx/modsec/main.conf

Add your ModSecurity rules. You can start with the default rules:

Include /usr/local/nginx/conf/modsecurity.conf

Step 9: Restart Nginx

After making changes to the configuration, restart Nginx:

sudo systemctl restart nginx

Step 10: Verify ModSecurity Installation

To verify that ModSecurity is working, check the Nginx error log for any entries related to ModSecurity:

sudo tail -f /var/log/nginx/error.log

Step 11: Conclusion

You have successfully installed ModSecurity 3 with Nginx on Ubuntu 22.04. This setup provides enhanced security for your web applications, particularly beneficial when hosted on a Windows VPS. For further assistance, explore various VPS UK Windows solutions, including Windows Virtual Private Server Hosting and Windows VPS Hosting UK for optimal performance and security.

© 2024 ModSecurity Installation Tutorial. All rights reserved.

  • 0 brukere syntes dette svaret var til hjelp
Var dette svaret til hjelp?

Relaterte artikler

Boost Your Ubuntu System's Performance with a Swap File: A Step-by-Step Guide

What is a Swap File? A swap file in Ubuntu serves as dedicated virtual memory on your hard...

How to Migrate ISPConfig 2, ISPConfig 3.x, Confixx, CPanel or Plesk to ISPConfig 3.2 (single server)

Introduction Migration from other control panels like ISPConfig 2, ISPConfig 3.x, Confixx,...

How to Install and Configure Zabbix Server and Client on Rocky Linux 9

Introduction Zabbix is an open-source monitoring solution that provides real-time...

How to Install CockroachDB Cluster on Debian 12

Introduction CockroachDB is a distributed SQL database built to handle large-scale,...

How to Install Joomla with Apache and Let's Encrypt SSL on AlmaLinux 9

Introduction Joomla is a popular open-source content management system (CMS) used to build...