Compile nginx with mod_security
Basically, the title says it all.
It can be done manually but then we wont be able to configure mod_security (rules, detection level, fail2ban) in Plesk.
Please include mod_security in nginx.
Gabriel T commented
I think this needs more attention. Especially since nginx now provides the ability to add module without recompiling the whole nginx binary. It should help a lot to provide more security to PLESK
https://malware.expert - Securing your Web Server with ModSecurity rules
Franky - Groovix commented
The ModSecurity-nginx connector is the connection point between Nginx and libmodsecurity (ModSecurity v3). Said another way, this project provides a communication channel between Nginx and libmodsecurity. This connector is required to use LibModSecurity with Nginx.
The ModSecurity-nginx connector takes the form of an Nginx module. The module simply serves as a layer of communication between Nginx and ModSecurity.
What is the difference between this project and the old ModSecurity add-on for nginx?
The old version uses ModSecurity standalone, which is a wrapper for Apache internals to link ModSecurity to nginx. This current version is closer to nginx, consuming the new libmodsecurity which is no longer dependent on Apache. As a result, This current version has less dependencies, fewer bugs, and is faster. In addition, Some new functionality is also provided - such as the possibility of use of global rules configuration with per directory/location customizations (e.g. SecRuleRemoveById).
Cool Dark commented
+1 Maybe instead of the standalone ModSecurity that addon can be used: https://github.com/SpiderLabs/ModSecurity-nginx