Thank you for all of your input! Ed
On Thu, Oct 13, 2022 at 5:54 PM PGNet Dev <pgnet....@gmail.com> wrote: > > My primary driving reason for considering the deployment of Nginx from > source is to use ModSecurity WAF with Nginx. I'm under the impression that > it's much easier to use ModSecurity with Nginx when compiled from source. > > If ModSecurity is the issue ... > > There are old instructions easily found ON the nginx.com site, > > > https://www.nginx.com/blog/compiling-and-installing-modsecurity-for-open-source-nginx/ > > for building it as a dynamic module, which can be separately built and > added to a packaged nginx build. not required to > rebuild/repackage/reinstall nginx itself. of course, you need to match > source version to your pkg'd version. > > but note, NGINX is dumping ... er ... Transitioning to End-of-Life ... > ModSecurity support, > > F5 NGINX ModSecurity WAF Is Transitioning to End-of-Life > > https://www.nginx.com/blog/f5-nginx-modsecurity-waf-transitioning-to-eol/ > > and that ModSecurity itself is on its way out, > > Talking about ModSecurity and the new Coraza WAF > > https://coreruleset.org/20211222/talking-about-modsecurity-and-the-new-coraza-waf/ > > but not quite dead yet. in the interim, there's ModSecurity v3/master > > https://github.com/SpiderLabs/ModSecurity > > , with a new architecture, and a specific Nginx connector > > https://github.com/SpiderLabs/ModSecurity-nginx > > which can, similarly to the above, be built/added as a dynamic module, and > still works well enough. > > and here's a useful tutorial for setting up Nginx + LibModsecurity > > Configure LibModsecurity with Nginx on CentOS 8 > > https://kifarunix.com/configure-libmodsecurity-with-nginx-on-centos-8/ > > >
_______________________________________________ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org