How to set up the ModSecurity module#
After the ModSecurity package was installed, additional setup is required.
Enable the installed module in your configuration with the load_module directive:
load_module modules/ngx_http_modsecurity_module.so;
Use the
modsecurity
andmodsecurity_rules_file
directives in an appropriate context, such asserver
:server { modsecurity on; modsecurity_rules_file /etc/angie/modsecurity/rules.conf; # ... }
Copy the OWASP ModSecurity Core Rule Set (CRS) to
/var/lib/angie/modsecurity/
:$ cd /var/lib/angie/modsecurity/ $ sudo git clone -b v4.1.0 https://github.com/coreruleset/coreruleset
Tip
Find the latest release number here: coreruleset/coreruleset
In the core rule set directory, copy the minimal necessary ModSecurity configuration examples:
$ sudo cp coreruleset/crs-setup.conf.example coreruleset/crs-setup.conf $ sudo cp coreruleset/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example \ coreruleset/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf $ sudo cp coreruleset/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example \ coreruleset/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf
Uncomment the following
Include
directives in/etc/angie/modsecurity/rules.conf
:Include /var/lib/angie/modsecurity/coreruleset/crs-setup.conf Include /var/lib/angie/modsecurity/coreruleset/rules/*.conf
Reload Angie configuration to apply the changes:
$ sudo angie -t && sudo service angie reload