Comments on Install LibModsecurity Web Application Firewall with Nginx on CentOS 8
LibModSecurity is a free and open-source web application firewall (WAF) that can be used to protect an Nginx server from different kinds of cyberattacks. In this tutorial, we will show you how to download and compile LibModSecurity with Nginx support on CentOS 8.
Comments
A very good howto, like your other howtos. You must add a Let's Encrypt certificate as a wildcard and thus Nginx will also have the role of reverse proxy for other VMs or CTs of a data center. Thank you very much for your howtos.
Cool howto! Thank you! Just a little tip: if you are using a small VM (1GB), you will run out of memory at the "Compile and install LibModSecurity" point. You can add swap to your VM, and you will be able to compile and install LibModSecurity.
I had to do this.
Hope it helps.
Thanks for your how-to, very clear and flawless on CentOS 8 and nginx/1.18.0. A couple of situations with the final tests... Nginx
http://localhost/index.html?exec=/bin/bash does not show 403, localhost just rejects the connection. Is that right?
Second test: curl http://localhost/?q="><script>alert(1)</script>" on the command line responds with this, which corresponds to the normal test page in the browser. Is there something more to do to get the same messages shown in the tutorial? I want to be sure it works fine.
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
Thanks in advance, your help is highly appreciated.
Regards
Excellent guide, works at 1st. A guide on how to improve modsecurity with additional rules, custom logs, log analysis would be much appreciated.