本文解决了一个关于Nginx集成ModSecurity时出现的错误,涉及到未编译GeoIP支持的问题。通过注释特定规则,可以暂时避免因缺少GeoIP功能导致的启动失败。
This version of ModSecurity was not compiled with GeoIP or MaxMind support
nginx集成modsecurity启动报错
nginx: [emerg] “modsecurity_rules_file” directive Rules error. File: /usr/local/nginx/conf/modsecurity/rules/REQUEST-910-IP-REPUTATION.conf. Line: 73. Column: 22. This version of ModSecurity was not compiled with GeoIP or MaxMind support. in /usr/local/nginx/conf/nginx.conf:21
因为没有编译 GeoIP 。如果暂时不需要此功能,注释这条规则
#SecRule TX:HIGH_RISK_COUNTRY_CODES "!@rx ^$" \
# "id:910100,\
# phase:2,\
# block,\
# t:none,\
# msg:'Client IP is from a HIGH Risk Country Location.',\
# logdata:'%{MATCHED_VAR}',\
# tag:'application-multi',\
# tag:'language-multi',\
# tag:'platform-multi',\
# tag:'attack-reputation-ip',\
# tag:'paranoia-level/1',\
# severity:'CRITICAL',\
# chain"
# SecRule TX:REAL_IP "@geoLookup" \
# "chain"
# SecRule GEO:COUNTRY_CODE "@within %{tx.high_risk_country_codes}" \
# "setvar:'tx.anomaly_score_pl1=+%{tx.critical_anomaly_score}',\
# setvar:'ip.reput_block_flag=1',\
# setvar:'ip.reput_block_reason=%{rule.msg}',\
# expirevar:'ip.reput_block_flag=%{tx.reput_block_duration}'"
扫一扫
2万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
