NGINX WAF
Protect against Layer 7 attacks such as SQLi, XSS, CSRF, LFI, RFI, and more. The NGINX web application firewall (WAF) is built on ModSecurity 3.0.
Installation Instructions
Install the NGINX WAF module.
For Amazon Linux, CentOS, Oracle Linux, and RHEL:
$ yum install nginx-plus-module-modsecurity
For Debian and Ubuntu:
$ apt-get install nginx-plus-module-modsecurity
For SLES:
$ zypper install nginx-plus-module-modsecurity
Put the following directive in the top-level (“main”) context of the main NGINX Plus configuration file, /etc/nginx/nginx.conf:
load_module modules/ngx_http_modsecurity_module.so;
Perform additional configuration as required by the module.
Reload NGINX Plus to enable the module:
$ nginx -t && nginx -s reload