Nginx:Install ModSecurity: Difference between revisions

Line 116:

</syntaxhighlight>

*Tambahkan code berikut

load_module /etc/nginx/modules/ngx_http_modsecurity_module.so;

</syntaxhighlight>

*'''Sample'''

user www-data;

worker_processes auto; pid /run/nginx.pid;

Line 131:

Line 134:

*Pertama, hapus kumpulan aturan saat ini bawaan sebelumnya dengan ModSecurity, menggunakan perintah berikut:

sudo rm -rf /usr/share/modsecurity-crs

sudo rm -rf /usr/share/modsecurity-crs

</syntaxhighlight>

*Clone repository ke directory <code>/usr/local/modsecurity-crs</code>

sudo git clone ~~<nowiki>~~https://github.com/coreruleset/coreruleset~~</nowiki>~~ /usr/local/modsecurity-crs

sudo git clone https://github.com/coreruleset/coreruleset /usr/local/modsecurity-crs

</syntaxhighlight>

*Rename the <code>crs-setup.conf.example</code> ke <code>crs-setup.conf</code>:

sudo mv /usr/local/modsecurity-crs/crs-setup.conf.example /usr/local/modsecurity-crs/crs-setup.conf

sudo mv /usr/local/modsecurity-crs/crs-setup.conf.example /usr/local/modsecurity-crs/crs-setup.conf

</syntaxhighlight>

*Ganti nama file aturan pengecualian permintaan default:

sudo mv /usr/local/modsecurity-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example /usr/local/modsecurity-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf

sudo mv /usr/local/modsecurity-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example /usr/local/modsecurity-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf

</syntaxhighlight>

Sekarang harus menyiapkan OWASP-CRS dan siap digunakan dalam konfigurasi [[Nginx]].

Line 146:

Line 160:

==Konfigurasi ModSecurity==

*Mulailah dengan membuat direktori ModSecurity di direktori <code>/etc/nginx/</code>:

sudo mkdir -p /etc/nginx/modsec

sudo mkdir -p /etc/nginx/modsec

</syntaxhighlight>

*Salin file pemetaan unicode dan file konfigurasi ModSecurity dari repository GitHub ModSecurity cloning kalian:

sudo cp /opt/ModSecurity/unicode.mapping /etc/nginx/modsec

sudo cp /opt/ModSecurity/unicode.mapping /etc/nginx/modsec

</syntaxhighlight>

sudo cp /opt/ModSecurity/modsecurity.conf-recommended /etc/nginx/modsec/modsecurity.conf

<syntaxhighlight lang="shell">sudo cp /opt/ModSecurity/modsecurity.conf-recommended /etc/nginx/modsec/modsecurity.conf</syntaxhighlight>

*Hapus ekstensi <code>.recommended</code> dari nama file konfigurasi ModSecurity dengan perintah berikut:

sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf

sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf

</syntaxhighlight>

*Dengan editor teks seperti vim atau nano, buka <code>/etc/modsecurity/modsecurity.conf</code> dan ubah nilai untuk <code>SecRuleEngine</code> menjadi <code>On</code>:

# -- Rule engine initialization ----------------------------------------------

# Enable ModSecurity, attaching it to every transaction. Use detection

# -- Rule engine initialization ----------------------------------------------

# only to start with, because that minimises the chances of post-installation

# disruption.

# Enable ModSecurity, attaching it to every transaction. Use detection

#

# only to start with, because that minimises the chances of post-installation

~~<span style="color:#ff0000">~~SecRuleEngine On</~~span~~>

# disruption.

#

SecRuleEngine On

</syntaxhighlight>

*Buat file konfigurasi baru bernama <code>main.conf</code> di direktori <code>/etc/nginx/modsec</code>:

@@ Line 116: / Line 116: @@
 </syntaxhighlight>
 *Tambahkan code berikut
 <syntaxhighlight lang="nginx">
 load_module /etc/nginx/modules/ngx_http_modsecurity_module.so;
 </syntaxhighlight>
 *'''Sample'''
-<syntaxhighlight lang="nginx">
+<syntaxhighlight lang="nginx" line="1">
 user www-data;
 worker_processes auto; pid /run/nginx.pid;
@@ Line 131: / Line 134: @@
 *Pertama, hapus kumpulan aturan saat ini bawaan sebelumnya dengan ModSecurity, menggunakan perintah berikut:
- sudo rm -rf /usr/share/modsecurity-crs
+<syntaxhighlight lang="shell">
+sudo rm -rf /usr/share/modsecurity-crs
+</syntaxhighlight>
 *Clone repository ke directory <code>/usr/local/modsecurity-crs</code>
- sudo git clone <nowiki>https://github.com/coreruleset/coreruleset</nowiki> /usr/local/modsecurity-crs
+<syntaxhighlight lang="shell">
+sudo git clone https://github.com/coreruleset/coreruleset /usr/local/modsecurity-crs
+</syntaxhighlight>
 *Rename the <code>crs-setup.conf.example</code> ke <code>crs-setup.conf</code>:
- sudo mv /usr/local/modsecurity-crs/crs-setup.conf.example /usr/local/modsecurity-crs/crs-setup.conf
+<syntaxhighlight lang="shell">
+sudo mv /usr/local/modsecurity-crs/crs-setup.conf.example /usr/local/modsecurity-crs/crs-setup.conf
+</syntaxhighlight>
 *Ganti nama file aturan pengecualian permintaan default:
- sudo mv /usr/local/modsecurity-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example /usr/local/modsecurity-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
+<syntaxhighlight lang="shell">
+sudo mv /usr/local/modsecurity-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example /usr/local/modsecurity-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
+</syntaxhighlight>
 Sekarang harus menyiapkan OWASP-CRS dan siap digunakan dalam konfigurasi [[Nginx]].
@@ Line 146: / Line 160: @@
 ==Konfigurasi ModSecurity==
 *Mulailah dengan membuat direktori ModSecurity di direktori <code>/etc/nginx/</code>:
- sudo mkdir -p /etc/nginx/modsec
+<syntaxhighlight lang="shell">
+sudo mkdir -p /etc/nginx/modsec
+</syntaxhighlight>
 *Salin file pemetaan unicode dan file konfigurasi ModSecurity dari repository GitHub ModSecurity cloning kalian:
- sudo cp /opt/ModSecurity/unicode.mapping /etc/nginx/modsec
+<syntaxhighlight lang="shell">
+sudo cp /opt/ModSecurity/unicode.mapping /etc/nginx/modsec
+</syntaxhighlight>
- sudo cp /opt/ModSecurity/modsecurity.conf-recommended /etc/nginx/modsec/modsecurity.conf
+<syntaxhighlight lang="shell">sudo cp /opt/ModSecurity/modsecurity.conf-recommended /etc/nginx/modsec/modsecurity.conf</syntaxhighlight>
 *Hapus ekstensi <code>.recommended</code> dari nama file konfigurasi ModSecurity dengan perintah berikut:
-  sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
+<syntaxhighlight lang="shell">
+sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
+</syntaxhighlight>
 *Dengan editor teks seperti vim atau nano, buka <code>/etc/modsecurity/modsecurity.conf</code> dan ubah nilai untuk <code>SecRuleEngine</code> menjadi <code>On</code>:
- # -- Rule engine initialization ----------------------------------------------
+<syntaxhighlight lang="shell" line="1">
- # Enable ModSecurity, attaching it to every transaction. Use detection
+# -- Rule engine initialization ----------------------------------------------
- # only to start with, because that minimises the chances of post-installation
- # disruption.
+# Enable ModSecurity, attaching it to every transaction. Use detection
- #
+# only to start with, because that minimises the chances of post-installation
- <span style="color:#ff0000">SecRuleEngine On</span>
+# disruption.
+#
+SecRuleEngine On
+</syntaxhighlight>
 *Buat file konfigurasi baru bernama <code>main.conf</code> di direktori <code>/etc/nginx/modsec</code>: