sudo apt install nginx
sudo apt-get install bison build-essential ca-certificates curl dh-autoreconf doxygen \
flex gawk git iputils-ping libcurl4-gnutls-dev libexpat1-dev libgeoip-dev liblmdb-dev \
libpcre3-dev libpcre++-dev libssl-dev libtool libxml2 libxml2-dev libyajl-dev locales \
lua5.3-dev pkg-config wget zlib1g-dev zlibc libxslt-dev libgd-dev
sudo apt install git
cd /opt && sudo git clone https://github.com/SpiderLabs/ModSecurity
cd ModSecurity
sudo git submodule init
sudo git submodule update
sudo ./build.sh
sudo ./configure
sudo make
sudo make install
cd /opt && sudo git clone --depth 1 https://github.com/SpiderLabs/ModSecurity-nginx
nginx -v
nginx version: nginx/1.18.0 (Ubuntu)
cd /opt && sudo wget http://nginx.org/download/nginx-1.18.0.tar.gz
sudo tar -xvzmf nginx-1.18.0.tar.gz
cd nginx-1.18.0
nginx -V
sudo ./configure --with-cc-opt='-g -O2 -fdebug-prefix-map=/build/nginx-GkiujU/nginx-1.18.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' lib/nginx/uwsgi --with-debug --with-pcre-jit
–add-dynamic-module=../ModSecurity-nginx
sudo make modules
sudo mkdir /etc/nginx/modules
sudo cp objs/ngx_http_modsecurity_module.so /etc/nginx/modules
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
load_module /etc/nginx/modules/ngx_http_modsecurity_module.so; // ModSec
sudo rm -rf /usr/share/modsecurity-crs
sudo git clone https://github.com/coreruleset/coreruleset /usr/local/modsecurity-crs
sudo mv /usr/local/modsecurity-crs/crs-setup.conf.example /usr/local/modsecurity-crs/crs-setup.conf
sudo mv /usr/local/modsecurity-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example /usr/local/modsecurity-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
sudo mkdir -p /etc/nginx/modsec
sudo cp /opt/ModSecurity/unicode.mapping /etc/nginx/modsec
sudo cp /opt/ModSecurity/modsecurity.conf-recommended /etc/nginx/modsec/modsecurity.conf
/etc/nginx/modsec/main.conf
Include /etc/nginx/modsec/modsecurity.conf
Include /usr/local/modsecurity-crs/crs-setup.conf
Include /usr/local/modsecurity-crs/rules/*.conf
modsecurity on;
modsecurity_rules_file /etc/nginx/modsec/main.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name devops.id;
root /var/www/html;
modsecurity on;
modsecurity_rules_file /etc/nginx/modsec/main.conf;
index index.html index.htm index.nginx-debian.html;
location / {
try_files $uri $uri/ =404;
}
}
sudo systemctl restart nginx
http://(server-ip)/index.html?exec=/bin/bash
http://(server-ip)/?q=1" or "1"="1"%27