To quickly deploy WAF to Cloud4Y customers, WAF-modsecurity template is available in Public Catalogs.
Ubuntu 16.04 LTS template includes:
- Nginx / 1.13.12
- ModSecurity for Nginx / 3.0.0
- OWASP ModSecurity Core Rule Set Version 3.0.0
- Module Nginx Length Hiding Filter Module
- Module Nginx Headers More Module
- OpenSSL 1.0.2g
- Feedback form for notification of false positives WAF
For initial setup you need:
1. Copy your existing SSL certificates to / opt / ssl folder, renaming them to ssl_certificate.crt and ssl_certificate.key (WAF template assumes that the protected site uses HTTPS);
2. Enter the following data into / opt / config / userparams file:
3. Run the script /opt/config/set_userparams.sh, which will transfer the specified parameters to Nginx configuration and feedback form.
After that, the WAF is ready to go.
To check WAF, you can open the site by adding ?Testparam = test to the address bar
For example, https: // Your IP /? Testparam = test
If all is configured correctly, a feedback form will open with a proposal to send a message to the administrator about a false positive WAF.
When you click the "Unblock \\ Unblock" button, a letter with technical data, data from the logs and the text of a message to the administrator will be sent to the previously specified e-mail.
The code and pictures of the feedback form are located in / opt / 403 / folder. The form is written in PHP.
You can change the appearance of the form if necessary. For example, to adapt its appearance to the overall design of the site, etc.
Also in / opt / config folder are the configuration files:
- custom_rules.conf - here you can add your own rules for Mod_Security
- disabled_rules.conf - here you can enter the ID of disabled rules.
To apply changes to these files, you need to run systemctl reload nginx
All main configuration files for Nginx and Mod_security are located in / etc / nginx folder
They can be useful for you to a more thin tune of WAF.
Have you tried Virtual cloud servers by Cloud4Y? Not yet?
Leave a request and get a 10-day free trial.