diego-treitos / nginx_waf Public

Notifications You must be signed in to change notification settings
Fork 3
Star 7

WAF written in lua for NGINX http server

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 27 Commits
test		test
waf		waf
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md

Repository files navigation

nginx_waf

WAF written in lua for NGINX http server

Installation

nginx lua

You need to install lua support for nginx. You can easily do that in a Ubuntu or Debian sytem by installing the package libnginx-mod-http-lua. You will have to ensure that you have this line at the begining of your nginx.conf

include /etc/nginx/modules-enabled/*.conf;

And that the symbolic link 50-mod-http-lua.conf -> /usr/share/nginx/modules-available/mod-http-lua.conf exists in your /etc/nginx/modules-enabled/ directory.

nginx waf

Copy the waf directory to /etc/nginx/
Add to nginx.conf, in the http section:

  lua_package_path   "/etc/nginx/waf/?.lua";
  init_by_lua_file   "/etc/nginx/waf/init.lua";
  access_by_lua_file "/etc/nginx/waf/waf.lua";

Create a location for the blocked requests in the server section of your site configuration. Default /waf-blocked but can be changed in the waf/config.lua