To install Nginx with ModSecurity on Scientific Linux, follow these step-by-step instructions:
Update the system:
sudo yum update
Install the required dependencies:
sudo yum install gcc pcre-devel zlib-devel make
Download the ModSecurity source code:
wget https://www.modsecurity.org/tarball/2.9.3/modsecurity-2.9.3.tar.gz tar -xzf modsecurity-2.9.3.tar.gz cd modsecurity-2.9.3
Compile and install ModSecurity:
./configure --enable-standalone-module make sudo make install
Download the Nginx source code:
wget http://nginx.org/download/nginx-1.19.7.tar.gz tar -xzf nginx-1.19.7.tar.gz cd nginx-1.19.7
Configure Nginx with ModSecurity:
./configure --with-compat --add-dynamic-module=../modsecurity-2.9.3/nginx/modsecurity make modules sudo cp objs/ngx_http_modsecurity_module.so /etc/nginx/modules/
Edit the Nginx configuration file:
sudo nano /etc/nginx/nginx.conf
Add the following line inside the http block:
load_module modules/ngx_http_modsecurity_module.so;
Save the file and exit the editor.
Download the OWASP ModSecurity Core Rule Set (CRS):
wget https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/v3.3.0.tar.gz tar -xzf v3.3.0.tar.gz sudo mv owasp-modsecurity-crs-3.3.0 /etc/nginx/modsecurity-crs
Edit the ModSecurity configuration file:
sudo nano /etc/nginx/modsecurity-crs/crs-setup.conf
Uncomment the following line to enable the CRS rules:
# Include OWASP ModSecurity CRS rules Include /etc/nginx/modsecurity-crs/rules/*.conf
Save the file and exit the editor.
Edit the Nginx virtual host configuration file:
sudo nano /etc/nginx/conf.d/default.conf
Inside the server block, add the following lines to enable ModSecurity:
modsecurity on; modsecurity_rules_file /etc/nginx/modsecurity-crs/crs-setup.conf;
Save the file and exit the editor.
Test the Nginx configuration:
sudo nginx -t
If there are no syntax errors, restart Nginx:
sudo systemctl restart nginx
Now, Nginx with ModSecurity is installed and ready to use on your Scientific Linux system. Be sure to customize the ModSecurity rules to match your specific requirements.