Re: Modsecurity dynamic module with Nginx-plus

2017-08-10 Thread Maxim Konovalov
On 10/08/2017 16:52, blason wrote: > Hi All, > > I just purchased nginx-plus and since it is delivered in binaries, since > this is a case I am unable to install Modsecurity with nginx-plus. I > followed various guides and able to compile dynamic_module However when I am > enabling the

Whitelisting files with certain extensions

2017-08-10 Thread ST
Hello, we had following problem: one of the developers has saved a .php file as .php.old. This file, if requested directly, was offered by nginx for download and thus exposed. What is the right way to solve this? 1. initial idea was to whitelist all the legitimate file extensions that we use and

Re: Modsecurity dynamic module with Nginx-plus

2017-08-10 Thread Maxim Konovalov
On 10/08/2017 17:37, blason wrote: > Unfortunately we do not have budget at this moment and we were unsure at the > time of purchasing that paid nginx option does not give source codes to > compile hence we are now struggling. Can someone please help us here? > You can use nginx-oss source to

Re: Modsecurity dynamic module with Nginx-plus

2017-08-10 Thread blason
Unfortunately we do not have budget at this moment and we were unsure at the time of purchasing that paid nginx option does not give source codes to compile hence we are now struggling. Can someone please help us here? Posted at Nginx Forum:

[no subject]

2017-08-10 Thread Andry Thierry RAKOTOARIMALALA
Hi, Can an nginx instance use a web server and a stream to do a proxy (pass-thru) with ng_stream_core_module? When I verified the compilation option , I see --with-stream=dynamic. Is that mean the module is load or not? Thanks -- RAKOTO ___ nginx

Reverse proxy for multiple domains

2017-08-10 Thread Mik J via nginx
Nginx: 1.10.2 Hello, I'm tryging to get reverse proxy working with multiple domains I have application1.org and application2.org. The client requesting these URLs, arrives one the reverse proxy. On this reverse proxy I have a virtual host which looks like that server { listen 80;

Modsecurity dynamic module with Nginx-plus

2017-08-10 Thread blason
Hi All, I just purchased nginx-plus and since it is delivered in binaries, since this is a case I am unable to install Modsecurity with nginx-plus. I followed various guides and able to compile dynamic_module However when I am enabling the modesecurity in conf file the nginx worker process is

Re: Is there a wait to get at a module's main conf inside the loc conf's init?

2017-08-10 Thread ptcell
Maxim Dounin Wrote: --- > Hello! > > On Wed, Aug 09, 2017 at 09:33:59PM -0400, ptcell wrote: > > > From the debugger I can see that it's probably some offset into > > cf->ctx[index].main_conf, but I don't see anyway of knowing what > that index

Re: Is there a wait to get at a module's main conf inside the loc conf's init?

2017-08-10 Thread Maxim Dounin
Hello! On Wed, Aug 09, 2017 at 09:33:59PM -0400, ptcell wrote: > From the debugger I can see that it's probably some offset into > cf->ctx[index].main_conf, but I don't see anyway of knowing what that index > is inside the loc create callback. > > Is there any other way of getting this?

Re: Modsecurity dynamic module with Nginx-plus

2017-08-10 Thread George
yeah just use nginx open source free version if you need compile support - updated guide at https://www.nginx.com/blog/compiling-and-installing-modsecurity-for-open-source-nginx/ Posted at Nginx Forum: https://forum.nginx.org/read.php?2,276008,276018#msg-276018

Запрет доступа с прокси

2017-08-10 Thread z6464
Как можно заблокировать максимально возможное количество прокси? Обычно берут прокси с https://hidemy.name/ru/proxy-list/ Есть ли возможность заблокировать хоть с низкой и средней анонимностью? Базы не очень подходят, тк новые прокси появляются практически каждую минуту. Хотелось бы хоть как-то

Re: Запрет доступа с прокси

2017-08-10 Thread Gena Makhomed
On 10.08.2017 14:52, z6464 wrote: Хотелось бы хоть как-то затруднить спам. Для защиты от спама применяют https://www.google.com/recaptcha/intro/ -- Best regards, Gena ___ nginx-ru mailing list nginx-ru@nginx.org

[nginx] Restored ngx_event_aio_t layout for debug logging.

2017-08-10 Thread Maxim Dounin
details: http://hg.nginx.org/nginx/rev/371da6a7021b branches: changeset: 7089:371da6a7021b user: Maxim Dounin date: Thu Aug 10 22:21:22 2017 +0300 description: Restored ngx_event_aio_t layout for debug logging. The "fd" field should be after 3 pointers for

[nginx] Range filter: changed type for total length to off_t.

2017-08-10 Thread Maxim Dounin
details: http://hg.nginx.org/nginx/rev/a2f5e25d6a28 branches: changeset: 7090:a2f5e25d6a28 user: Maxim Dounin date: Thu Aug 10 22:21:23 2017 +0300 description: Range filter: changed type for total length to off_t. Total length of a response with multiple ranges

[nginx] Style.

2017-08-10 Thread Maxim Dounin
details: http://hg.nginx.org/nginx/rev/f684178faec9 branches: changeset: 7088:f684178faec9 user: Maxim Dounin date: Thu Aug 10 22:21:20 2017 +0300 description: Style. diffstat: src/core/ngx_regex.c | 4 ++--

поддержка pcre (и pcre-jit) в стандартных пакетах

2017-08-10 Thread Илья Шипицин
Добрый день! http://nginx.org/packages/mainline/centos/7/x86_64/RPMS/ - тут пакеты без pcre-jit (хотя в spec присутствуют следы вызова pcre-config) есть причина, чтобы пакеты делать без pcre-jit или так исторически ? Илья Шипицин ___ nginx-ru mailing