Introduction

ModSecurity is an open-source web application firewall (WAF) that helps protect web applications from various attacks. In this guide, you will learn how to install ModSecurity 3 with Nginx on Ubuntu 22.04, which can be efficiently hosted on a Windows VPS UK.

Prerequisites

  • An Ubuntu 22.04 server with root access
  • Basic knowledge of Linux commands
  • An active internet connection
  • Nginx installed on your server

Step 1: Update Your System

Start by updating your package index and upgrading existing packages:

sudo apt update && sudo apt upgrade -y

Step 2: Install Required Dependencies

Install the necessary packages:

sudo apt install build-essential git curl libtool libpcre3 libpcre3-dev zlib1g zlib1g-dev libssl-dev -y

Step 3: Install Nginx

If you haven't already installed Nginx, you can do so with the following command:

sudo apt install nginx -y

Start and enable Nginx to run at boot:

sudo systemctl start nginx
sudo systemctl enable nginx

Step 4: Clone the ModSecurity Repository

Clone the ModSecurity 3 GitHub repository:

git clone --depth 1 https://github.com/SpiderLabs/ModSecurity.git

Change into the ModSecurity directory:

cd ModSecurity

Step 5: Compile and Install ModSecurity

Run the following commands to compile and install ModSecurity:

git submodule init
git submodule update
./build.sh
./configure
make
sudo make install

Step 6: Install ModSecurity Nginx Connector

Clone the ModSecurity Nginx connector repository:

git clone --depth 1 https://github.com/SpiderLabs/modsecurity-nginx.git

Change into the connector directory:

cd modsecurity-nginx

Now, you need to compile Nginx with ModSecurity:

sudo apt install nginx-extras -y
sudo apt install libnginx-mod-http-modsecurity -y

Step 7: Configure Nginx to Use ModSecurity

Edit your Nginx configuration file to include ModSecurity:

sudo nano /etc/nginx/nginx.conf

Add the following line inside the http block:

modsecurity on;

And specify the ModSecurity configuration file:

modsecurity_rules_file /etc/nginx/modsec/main.conf;

Step 8: Create the Main Configuration File

Create the ModSecurity configuration file:

sudo mkdir /etc/nginx/modsec
sudo nano /etc/nginx/modsec/main.conf

Add your ModSecurity rules. You can start with the default rules:

Include /usr/local/nginx/conf/modsecurity.conf

Step 9: Restart Nginx

After making changes to the configuration, restart Nginx:

sudo systemctl restart nginx

Step 10: Verify ModSecurity Installation

To verify that ModSecurity is working, check the Nginx error log for any entries related to ModSecurity:

sudo tail -f /var/log/nginx/error.log

Step 11: Conclusion

You have successfully installed ModSecurity 3 with Nginx on Ubuntu 22.04. This setup provides enhanced security for your web applications, particularly beneficial when hosted on a Windows VPS. For further assistance, explore various VPS UK Windows solutions, including Windows Virtual Private Server Hosting and Windows VPS Hosting UK for optimal performance and security.

© 2024 ModSecurity Installation Tutorial. All rights reserved.

¿Fue útil la respuesta? 0 Los Usuarios han Encontrado Esto Útil (0 Votos)