Skip to content

I suggest you...

← Feature Suggestions

Compile nginx with mod_security

Basically, the title says it all.
It can be done manually but then we wont be able to configure mod_security (rules, detection level, fail2ban) in Plesk.

Please include mod_security in nginx.

41 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Marvin Zurborg shared this idea  ·   ·  Report…  ·  Admin →

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Automata commented  ·   ·  Report

    Hi, please include Mod_Security v3 for NGINX on PLESK Obsidian !

    Thanks in advance for the support.

  • Gabriel T commented  ·   ·  Report

    I think this needs more attention. Especially since nginx now provides the ability to add module without recompiling the whole nginx binary. It should help a lot to provide more security to PLESK

  • Franky - Groovix commented  ·   ·  Report

    The ModSecurity-nginx connector is the connection point between Nginx and libmodsecurity (ModSecurity v3). Said another way, this project provides a communication channel between Nginx and libmodsecurity. This connector is required to use LibModSecurity with Nginx.

    The ModSecurity-nginx connector takes the form of an Nginx module. The module simply serves as a layer of communication between Nginx and ModSecurity.

    What is the difference between this project and the old ModSecurity add-on for nginx?

    The old version uses ModSecurity standalone, which is a wrapper for Apache internals to link ModSecurity to nginx. This current version is closer to nginx, consuming the new libmodsecurity which is no longer dependent on Apache. As a result, This current version has less dependencies, fewer bugs, and is faster. In addition, Some new functionality is also provided - such as the possibility of use of global rules configuration with per directory/location customizations (e.g. SecRuleRemoveById).

    https://github.com/SpiderLabs/ModSecurity-nginx

Feature Suggestions: Security

Categories

Feedback and Knowledge Base

(thinking…)