Nginx:Install ModSecurity: Difference between revisions
No edit summary |
|||
| (2 intermediate revisions by the same user not shown) | |||
| Line 5: | Line 5: | ||
Instal semua dependensi yang diperlukan untuk proses build dan kompilasi dengan perintah berikut:<syntaxhighlight lang="shell"> | Instal semua dependensi yang diperlukan untuk proses build dan kompilasi dengan perintah berikut:<syntaxhighlight lang="shell"> | ||
sudo apt-get install bison build-essential ca-certificates curl dh-autoreconf doxygen flex gawk git iputils-ping libcurl4-gnutls-dev libexpat1-dev libgeoip-dev liblmdb-dev libpcre3-dev libpcre++-dev libssl-dev libtool libxml2 libxml2-dev libyajl-dev locales lua5.3-dev pkg-config wget zlib1g-dev zlibc libxslt-dev libgd-dev | sudo apt-get install bison build-essential ca-certificates curl dh-autoreconf doxygen flex gawk git iputils-ping libcurl4-gnutls-dev libexpat1-dev libgeoip-dev liblmdb-dev libpcre3-dev libpcre++-dev libssl-dev libtool libxml2 libxml2-dev libyajl-dev locales lua5.3-dev pkg-config wget zlib1g-dev zlibc libxslt-dev libgd-dev | ||
</syntaxhighlight>di Debian 11<ref>[https://www.tecmint.com/install-modsecurity-nginx-debian-ubuntu/ tecmint.com] - How to Install ModSecurity for Nginx on Debian/Ubuntu</ref><syntaxhighlight lang="bash"> | |||
sudo apt install make gcc build-essential autoconf automake libtool libfuzzy-dev ssdeep gettext pkg-config libcurl4-openssl-dev liblua5.3-dev libpcre3 libpcre3-dev libxml2 libxml2-dev libyajl-dev doxygen libcurl4 libgeoip-dev libssl-dev zlib1g-dev libxslt-dev liblmdb-dev libpcre++-dev libgd-dev | |||
</syntaxhighlight> | </syntaxhighlight> | ||
*Install GIT | *Install GIT | ||
<syntaxhighlight lang="shell"> | <syntaxhighlight lang="shell"> | ||
| Line 209: | Line 210: | ||
==Konfigurasi pada Nginx== | ==Konfigurasi pada Nginx== | ||
*Buka konfigurasi Nginx kalian biasanya pada directory /etc/nginx/sites-enabled, dengan menambahkan | *Buka konfigurasi Nginx kalian biasanya pada directory /etc/nginx/sites-enabled, dengan menambahkan | ||
<syntaxhighlight lang="shell"> | |||
vim /etc/nginx/sites-enabled/default.conf | |||
</syntaxhighlight> | |||
atau | atau | ||
<syntaxhighlight lang="shell"> | |||
vim /etc/nginx/conf.d/default.conf | |||
</syntaxhighlight> | |||
*Lalu tambahkan code berikut | *Lalu tambahkan code berikut | ||
<syntaxhighlight lang="nginx" line="1"> | |||
modsecurity on; | |||
modsecurity_rules_file /etc/nginx/modsec/main.conf; | |||
</syntaxhighlight> | |||
{{Note|Jika mengikuti tutorial dari awal, konfigurasi default.conf berada di dorectory /etc/nginx/conf.d}} | {{Note|Jika mengikuti tutorial dari awal, konfigurasi default.conf berada di dorectory /etc/nginx/conf.d}} | ||
| Line 223: | Line 232: | ||
*'''Sample''' | *'''Sample''' | ||
<syntaxhighlight lang="nginx" line="1"> | |||
server { | |||
listen 80; | |||
listen [::]:80; | |||
server_name _; | |||
root /usr/share/nginx/html/; | |||
index index.php index.html index.htm index.nginx-debian.html; | |||
modsecurity on; | |||
modsecurity_rules_file /etc/nginx/modsec/main.conf; | |||
</syntaxhighlight> | |||
==Source== | ==Source== | ||
<references /> | |||
*[https://www.linode.com/docs/guides/securing-nginx-with-modsecurity/ linode.com] | *[https://www.linode.com/docs/guides/securing-nginx-with-modsecurity/ linode.com] | ||
*[https://www.nginx.com/blog/compiling-and-installing-modsecurity-for-open-source-nginx/ nginx.com] | *[https://www.nginx.com/blog/compiling-and-installing-modsecurity-for-open-source-nginx/ nginx.com] | ||