ModSecurity-NGINX-Setup + OWASP CRS Setup

Bash scripts to automatically install and setup ModSecurity WAF to work with NGINX and add OWASP Core Rule Set (CRS).

Based on: ModSecurity v3 (libmodsecurity)

Compatibility

Tested against Ubuntu 16.04 & 18.04, but it should work with other Ubuntu distributions as well. Server: NGINX

setup.sh

Setup script will:

Grab latest stable release of NGINX (PPA).
Install prerequisites for ModSecurity.
Setup ModSecurity-nginx connector based on current nginx version.
Enable ModSecurity Module and add configuration files.

owasp.sh

After running setup script, run this to automatically add OWASP Core Rule Set.

Reference: https://raw.githubusercontent.com/SpiderLabs/owasp-modsecurity-crs/v3.0/master/INSTALL

update.sh

To do.

Usage

chmod +x setup.sh owasp.sh
sudo ./setup.sh
sudo ./owasp.sh

To Enable:

After installing these scripts:

nano /etc/nginx/<your_nginx_conf_file_location>

Turn on modsecurity and modsecurity_rules_file by adding this to your nginx conf file:

modsecurity on;
modsecurity_rules_file /etc/nginx/modsec/main.conf;

Example:

server {
    # ...
    modsecurity on;
    modsecurity_rules_file /etc/nginx/modsec/main.conf;
}

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
README.md		README.md
owasp.sh		owasp.sh
setup.sh		setup.sh
update.sh		update.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

ModSecurity-NGINX-Setup + OWASP CRS Setup

Compatibility

setup.sh

owasp.sh

update.sh

Usage

To Enable:

About

Releases

Packages

Languages

Karan1458/ModSecurity-NGINX-setup

Folders and files

Latest commit

History

Repository files navigation

ModSecurity-NGINX-Setup + OWASP CRS Setup

Compatibility

setup.sh

owasp.sh

update.sh

Usage

To Enable:

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages