This repository has been archived by the owner on Nov 8, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 606
naxsi compile
Pete Cooper edited this page Jul 3, 2018
·
15 revisions
We are going to cover naxsi/nginx compilation from sources. Refer to your distribution or 3rd party for existing packages.
Naxsi should be working with all Nginx versions superior to 0.8.X. To install it from source, we need to fetch both nginx and naxsi sources.
wget http://nginx.org/download/nginx-x.x.xx.tar.gz
wget https://github.com/nbs-system/naxsi/archive/x.xx.x.tar.gz
tar xvzf nginx-x.x.xx.tar.gz
tar xvzf naxsi-x.xx.tar.gz
cd nginx-x.x.xx/
Naxsi should not require any specific dependencies :
-
libpcreis already required by nginx -
libsslis already required by nginx for https -
zlibandgzipas well
./configure --add-module=../naxsi-x.xx/naxsi_src/ [add/remove your favorite/usual options]
make
make install
An example "building" options being here :
./configure --conf-path=/etc/nginx/nginx.conf --add-module=../naxsi-x.xx/naxsi_src/ \
--error-log-path=/var/log/nginx/error.log --http-client-body-temp-path=/var/lib/nginx/body \
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-log-path=/var/log/nginx/access.log \
--http-proxy-temp-path=/var/lib/nginx/proxy --lock-path=/var/lock/nginx.lock \
--pid-path=/var/run/nginx.pid --with-http_ssl_module \
--without-mail_pop3_module --without-mail_smtp_module \
--without-mail_imap_module --without-http_uwsgi_module \
--without-http_scgi_module --with-ipv6 --prefix=/usr
IMPORTANT
You need to remember this : NGINX will decide the order of modules according the order of the module's directive in nginx's ./configure. So, no matter what (except you really know what you are doing) put naxsi first in your ./configure. If you don't do so, you might run into various problems, from random / unpredictable behaviors to non-effective WAF.