GitHub

ModSecurity with Nginx: Installation Script & Dockerfile

Installation Script (bash): Automates the installation and configuration of ModSecurity as a dynamic module for a host-installed Nginx on Linux. It handles all dependencies, builds ModSecurity from ...
Linux Journal

ModSecurity and nginx

nginx is the web server that's replacing Apache in more and more of the world's websites. Until now, nginx has not been able to benefit from the security ModSecurity provides. Here's how to install ...
GitHub

libnginx-mod-http-modsecurity for Ubuntu 22.04 LTS (Jammy)

This project is intended for users who need nginx with ModSecurity on Ubuntu 22.04 LTS (Jammy) while keeping the stock Ubuntu nginx packages unchanged. It focuses on stability and operational safety.
Infosecurity-magazine.com

Black Hat 2012: ModSecurity open-source firewall now supports Apache, IIS and Nginx

There are two main open-source web firewalls: ModSecurity and IronBee. Ivan Ristic has been involved in both. He first started work on ModSecurity some ten years ago and was soon joined by Ryan ...
InfoQ

NGINX Release Targets Application Security

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Cory Benfield discusses the evolution of ...
Pro-Linux

Sicherheit: Preisgabe von Informationen in nginx-mod-modsecurity

values when using HTTP/2; the bug had appeared in 1.17.9. *) Bugfix: in handling "Host" header lines with a port when using HTTP/3. *) Bugfix: an XCLIENT command didn't use the xtext encoding. Thanks ...
Pro-Linux

Sicherheit: Mangelnde Rechteprüfung in nginx-mod-modsecurity

*) Security: insufficient check in virtual servers handling with TLSv1.3 SNI allowed to reuse SSL sessions in a different virtual server, to bypass client SSL certificates verification (CVE-2025-23419 ...