准备文件:
. C7 z- v0 A5 D5 j( _wget https://www.openssl.org/source/openssl-1.1.0f.tar.gz
( J( K) F2 R, j) n0 Xtar xvzf openssl-1.1.0f.tar.gz0 V# y- x1 N M) g; U$ Q
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.41.tar.gz8 g8 u6 h2 k; M9 \4 U% `
tar xvzf pcre-8.41.tar.gz
* @7 p) Y$ Z' Y9 I" A: n% H% J+ K. e# r) H) f0 j
wget http://nginx.org/download/nginx-1.13.6.tar.gz- @5 X1 {, v- e( |9 Z# v
tart xvzf nginx-1.13.6.tar.gz9 m* @* f9 V) V
% \! d4 i# t9 k( T6 f& G
wget https://github.com/openresty/sregex/archive/master.zip! t$ t; T/ `; ^8 I z
mv master.zip replace-filter-nginx-module-master.zip/ _4 W' I& s; w) a {: v
unzip replace-filter-nginx-module-master.zip2 L7 s. ]4 m3 F8 M' I& F
6 ^& L1 A7 H, n8 W
安装sregex* A5 M' p% i8 S; d; l6 c v( n
[replace-filter-nginx-module-master关键词替换模块需要这个东西,如果不喜欢可以用ngx_http_substitutions_filter_module这个关键字替换模块]
, V- f1 D; X1 p! q- `wget https://github.com/openresty/sregex/archive/master.zip+ `' I- p4 n7 r* C# C
mv master.zip sregex.zip
1 p) E( W: q) W1 f! b9 T lunzip sregex.zip$ ]+ n" S8 J- n, k9 r3 }5 x
cd sregex1 G% m' U. ~$ k
make && make installln -s /usr/lib/libsregex.so.0 /usr/local/lib/libsregex.so.0.0.1 #按实际情况调整
: _# r5 f8 I* b: a9 p6 Dldconfig4 x+ n# P* P$ I4 q2 g
: ^, i1 F3 i+ y# G7 I
安装modsecurity2 o$ l3 F* W$ j/ \) P3 ?. w5 J
『依赖的包:pcre httpd-devel libxml2 apr 视情况安装。yum install httpd-devel apr apr-util-devel apr-devel pcre pcre-devel libxml2 libxml2-devel)』, [2 ]! s0 P+ J& i6 Y+ z4 L
git clone https://github.com/SpiderLabs/ModSecurity.git mod_security
( b( c8 `( P1 F$ H9 f1 ^cd mod_security
+ F1 r) b- v1 X0 {1 E./autogen.sh
" G* e6 t, j2 p& g# J./configure --enable-standalone-module
- ]0 `/ r/ [1 {0 ]0 L) S1 F# c- omake
9 l q* }. j0 A2 n7 }
0 R4 ]5 f7 @4 U x I( H' m p( ?3 I6 W8 J
安装nginx# c. }$ {2 w. S- }8 W4 I
cd nginx-1.13.6
@# w/ K; c; U+ ?0 V8 v; C }. e
6 L# M: @, D) M, X4 E- A3 C8 X[Bash shell] 纯文本查看 复制代码 ./configure \
--user=www \
--group=www \
--prefix=/www/webserver/nginx-1.13.6 \
--sbin-path=/www/webserver/nginx-1.13.6/sbin/nginx \
--pid-path=/www/webserver/nginx-1.13.6/logs/nginx.pid \
--conf-path=/www/webserver/nginx-1.13.6/conf/nginx.conf \
--error-log-path=/www/webserver/nginx-1.13.6/logs/error.log \
--http-log-path=/www/webserver/nginx-1.13.6/logs/access.log \
--http-client-body-temp-path=/www/webserver/nginx-1.13.6/temp/client \
--http-proxy-temp-path=/www/webserver/nginx-1.13.6/temp/proxy \
--http-fastcgi-temp-path=/www/webserver/nginx-1.13.6/temp/fcgi \
--http-scgi-temp-path=/www/webserver/nginx-1.13.6/temp/scgi \
--http-uwsgi-temp-path=/www/webserver/nginx-1.13.6/temp/uwsgi \
--with-http_flv_module \
--with-http_stub_status_module \
--with-http_realip_module \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_gzip_static_module \
--with-pcre=/root/pcre-8.41 \
--with-http_sub_module \
--add-module=/root/replace-filter-nginx-module-master \
--add-module=/root/mod_security/nginx/modsecurity \
--with-openssl=/root/openssl-1.1.0f
& E3 a: j* C% k3 amake
, l5 w& k2 C, X. P' ]- Tmake install
& L% M: C6 d% W* x
# \0 J$ B9 A5 _# V注:--with-ipv6 已经被移除默认支持ipv6, --with-http_spdy 已经被移除合并到--with-http_v2_module
* c" _# }3 b- l$ o A1 Z7 s {' { b$ M) u" [1 }! @
" Z8 A# ]8 O4 ?3 y/ s# Y9 y. N9 k3 F. _& \4 t8 l2 l
; e3 i0 s: t, z- a/ S' |$ z; c8 e9 E5 v
- N( T, F' ?& ]
. ~( @( y( m& t1 u B) k4 ]& I! f$ F8 A& i3 ~" A! ?
9 I' i" Y6 ^6 o% i |