Menu Close

Debian12+Nginx+ModSecurity 实现WAF

一、环境说明
操作系统:Debian 12
APT仓库:Stable仓库
Nginx版本:无特定版本,因为用的是Debian仓库的版本,并非自行编译
ModSecurity:用的是Debian仓库的配套模块 libnginx-mod-http-modsecurity
Nginx-LUA支持:用于自定义405拦截页面(原来是403的返回,我改成405了)

二、Debian APT 仓库配置
apt源配置文件: /etc/apt/sources.list

#软件仓库
deb http://deb.debian.org/debian/ bookworm main non-free-firmware
deb-src http://deb.debian.org/debian/ bookworm main non-free-firmware

#安全更新通道
deb http://security.debian.org/debian-security bookworm-security main non-free-firmware
deb-src http://security.debian.org/debian-security bookworm-security main non-free-firmware

#软件升级通道
deb http://deb.debian.org/debian/ bookworm-updates main non-free-firmware
deb-src http://deb.debian.org/debian/ bookworm-updates main non-free-firmware

三、安装NGINX 和 ModSecurity

#安装NGINX
apt install nginx

#安装ModSecurity
apt install libnginx-mod-http-modsecurity

#安装Nginx-LUA支持
apt install libnginx-mod-http-lua

四、修改NGINX配置文件,启用ModSecurity模块

后续待更新