ModSecurity is an open-source, cross-platform web application firewall (WAF) module that helps to detect and prevent various attacks against web applications. It can block common code injection attacks ensuring higher level of server security. ModSecurity module contains a set of rules for cross website scripting and prevents SQL injection, bad user agents, session hijacking, trojans, and other exploits.
Cloudlets Australia certified NGINX stacks (application servers and load balancer) are provided with the already pre-built ModSecurity module.
To enable ModSecurity on your containers, follow the step-by-step guide below:
2. Click Config within your environment (or create new one with NGINX load balancer).
3. Load the ModSecurity shared NGINX module by uncommenting the next line in the /etc/nginx/nginx.conf file:
#load_module modules/ngx_http_modsecurity_module.so;
Click Save.
4. Now, let's enable the ModSecurity: just uncomment the following lines in the same /etc/nginx/nginx.conf config for the NGINX application server stack (or /etc/nginx/nginx-jelastic.conf for the load balancer).
#modsecurity on;
#modsecurity_rules_file /etc/nginx/conf.d/modsecurity/modsec_includes.conf;
Again, click Save after performing adjustments.
5. According to the /etc/nginx/conf.d/modsecurity/modsec_includes.conf config, an OWASP ModSecurity Core Rule Set (CRS) is included by default (provides generic protection from unknown vulnerabilities often found in web applications).
You can also upload your custom rules as *.conf files to the /etc/nginx/conf.d/modsecurity/owasp-modsecurity-crs/rules folder.
6. Restart your NGINX node to make all the customizations applied.
That's all - from now on your application is protected with ModSecurity.
7. To verify it - execute the nginx -V command on the node (e.g. via Web SSH) and check the ModSecurity module in the list.
The ModSecurity module is up and working to keep your web application secure - to test it out start your free trial and ensure high-level protection for your projects.