wget http://
Nginx.org/download/
Nginx-1.6.3.tar.gz wget http://
Nginx.org/download/
Nginx-1.8.1.tar.gz wget http://zlib.net/zlib-1.2.8.tar.gz wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.38.tar.gz wget http://www.openssl.org/source/openssl-fips-2.0.12.tar.gz tar -zxvf
Nginx-1.6.3.tar.gz tar -zxvf zlib-1.2.8.tar.gz tar -zxvf pcre-8.38.tar.gz tar -zxvf openssl-fips-2.0.12.tar.gz cd openssl-fips-2.0.10 ./con
fig make sudo make install cd zlib-1.2.8 ./con
figure make sudo make install cd pcre-8.38 ./con
figure make sudo make install cd
Nginx-1.6.3 ./con
figure --with-pcre=../pcre-8.38 --with-zlib=../zlib-1.2.8 --with-openssl=../openssl-fips-2.0.12 make sudo make install cd /usr/local/
Nginx/sbin sudo ./
Nginx ----------------------------
添加 naxsi模块 wget https://github.com/nbs-sy
stem/naxsi/archive/master.zip mv master.zip naxsi-master.zip unzip naxsi-master.zip 在安装好的
Nginx/sbin/下执行 ./
Nginx -V 命令,可以查看到
Nginx的原有./con
figure 复制后并
添加naxsi模块
添加:--add-module=../naxsi-master/naxsi_src ./con
figure --with-pcre=../pcre-8.38 --with-zlib=../zlib-1.2.8 --with-openssl=../openssl-fips-2.0.10 --add-module=../naxsi-master/naxsi_src make sudo make install cp ~/naxsi-master/naxsi_con
fig/naxsi_core.rules /usr/local/
Nginx/conf/ cd /usr/local/
Nginx/conf vim mysite.rules
内容如下: #------------------------ #LearningMode; #Enables learning mode Se
crulesEnabled; #Se
crules
disabled; DeniedUrl "/RequestDenied"; ## check rules CheckRule "$
sql >= 8" BLOCK; CheckRule "$RFI >= 8" BLOCK; CheckRule "$TRAVERSAL >= 4" BLOCK; CheckRule "$EVADE >= 4" BLOCK; CheckRule "$XSS >= 8" BLOCK; #--------------------------- vim
Nginx.conf 在http部分加入如下配置 include /usr/local/
Nginx/conf/naxsi_core.rules; 在 server的 location / { #
在这里面
增加: include /usr/local/
Nginx/conf/mysite.rules; } #
增加: location /RequestDenied { return 403; } 主要参考资料: http://blog.cnwyhx.com/centos-
Nginx-naxsi-install/