准备文件:
, A+ V/ b, h1 U C+ `wget https://www.openssl.org/source/openssl-1.1.0f.tar.gz
" B2 R& E' I2 _0 e2 Q6 }/ U) Gtar xvzf openssl-1.1.0f.tar.gz% c, F9 h' u+ K0 Y3 W8 P' y& z; C
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.41.tar.gz
i* g5 Y. h0 d% x% t1 D' ?% Ftar xvzf pcre-8.41.tar.gz6 e; t) h3 i+ K: S. Z' |
$ j W% A! x3 o( y+ p2 B+ Q+ a' v$ c
wget http://nginx.org/download/nginx-1.13.6.tar.gz5 y& g8 X J8 |
tart xvzf nginx-1.13.6.tar.gz
) r0 d' l- B" {, G$ ~6 M- n' N8 I h
wget https://github.com/openresty/sregex/archive/master.zip
h0 L* ^- D/ d7 }$ fmv master.zip replace-filter-nginx-module-master.zip
! ]0 O) j& L) B/ sunzip replace-filter-nginx-module-master.zip
0 b; |1 W9 B! \+ k- F0 m
5 T1 T) E: a' J安装sregex) |7 I. a: B" ]; Q% ^
[replace-filter-nginx-module-master关键词替换模块需要这个东西,如果不喜欢可以用ngx_http_substitutions_filter_module这个关键字替换模块]
/ ]4 ~% B( m7 P$ Pwget https://github.com/openresty/sregex/archive/master.zip9 L$ ^* j) Q7 o- c
mv master.zip sregex.zip9 D' h8 A, c$ y' a: M' d4 I: J
unzip sregex.zip# l! Z8 T$ R4 }' r7 u
cd sregex$ A6 }6 d3 |* j, k q
make && make installln -s /usr/lib/libsregex.so.0 /usr/local/lib/libsregex.so.0.0.1 #按实际情况调整
2 c0 X1 S* @/ Y5 |: Jldconfig0 h/ V# M" M0 c5 X1 k" P* s; a4 L
1 m' J2 T& n" [& M& @( E" D
安装modsecurity
' x6 r; l4 o8 p7 M『依赖的包:pcre httpd-devel libxml2 apr 视情况安装。yum install httpd-devel apr apr-util-devel apr-devel pcre pcre-devel libxml2 libxml2-devel)』! s. Y+ _, z: w' j l
git clone https://github.com/SpiderLabs/ModSecurity.git mod_security C/ t" f. H1 L3 h
cd mod_security
) U- C" |: x: R/ D./autogen.sh . ]* [" a) f* F
./configure --enable-standalone-module
6 w& ^) F* f! ?make& J2 K1 e& \5 [
* @" l2 ^0 r) G; m
( G$ P/ Y) u( ~; c( y8 d* B安装nginx
7 v/ e2 v1 U8 l$ k1 dcd nginx-1.13.6
! B' ~. x T& {% s7 i0 b$ P
# i. ?% C7 N7 n+ l[Bash shell] 纯文本查看 复制代码 ./configure \
--user=www \
--group=www \
--prefix=/www/webserver/nginx-1.13.6 \
--sbin-path=/www/webserver/nginx-1.13.6/sbin/nginx \
--pid-path=/www/webserver/nginx-1.13.6/logs/nginx.pid \
--conf-path=/www/webserver/nginx-1.13.6/conf/nginx.conf \
--error-log-path=/www/webserver/nginx-1.13.6/logs/error.log \
--http-log-path=/www/webserver/nginx-1.13.6/logs/access.log \
--http-client-body-temp-path=/www/webserver/nginx-1.13.6/temp/client \
--http-proxy-temp-path=/www/webserver/nginx-1.13.6/temp/proxy \
--http-fastcgi-temp-path=/www/webserver/nginx-1.13.6/temp/fcgi \
--http-scgi-temp-path=/www/webserver/nginx-1.13.6/temp/scgi \
--http-uwsgi-temp-path=/www/webserver/nginx-1.13.6/temp/uwsgi \
--with-http_flv_module \
--with-http_stub_status_module \
--with-http_realip_module \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_gzip_static_module \
--with-pcre=/root/pcre-8.41 \
--with-http_sub_module \
--add-module=/root/replace-filter-nginx-module-master \
--add-module=/root/mod_security/nginx/modsecurity \
--with-openssl=/root/openssl-1.1.0f
- }1 K$ e% b0 Y+ T8 B$ x# dmake5 A( _0 u: F) {( Z# R7 T
make install
7 Z. g# A+ S; V6 P( C! z4 A* U6 ? g2 n7 m+ {+ O
注:--with-ipv6 已经被移除默认支持ipv6, --with-http_spdy 已经被移除合并到--with-http_v2_module+ j3 i7 c6 o2 W; r4 H. c
0 G% f6 X% p1 b0 R
# `# i4 C$ o: H* Z5 ]0 }" s& M$ b& I% f( [
8 ~* u( o0 A, j6 u+ U* y
6 A, B* d' m) S+ s3 z% _- b/ k, }% y6 c
+ O) D0 \5 M* v# r: N& o
X/ o2 W$ C# V/ O
i. C% T/ G& g* l" ~2 t# [" r
| 
|Archiver|手机版|小黑屋|第一站论坛
( 蜀ICP备06004864号-6 )
窥视卡
雷达卡
发表于 2017-10-19 13:50:40
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡