Using Nginx with Comando WAF- vendor available?

Please help an older lady here… I adopted a website that was shutting down. Got it in my lap and it was infested. I then cleaned it up, but every bot in town thinks my site is a buffet.

Many years back I used modsecurity when it was pretty brainless. But now, well not so much. My webhost does not support modsecurity and I really need to have this running. The default mod security rules cause a redirection loop with my site. Likely due to nginx and also a hotwired home page.

I can’t find an operational vendor page anywhere for Nginx. I used the Apache link and changed it for nginx, did find the page, but it won’t import.

So then I tried the Apache rules, and they seemed to work. But then I saw some Lfd logs and this scared me. I do know that Nginx uses a proxy. And what was happening is that I think anything modsecurity was blocking, showed my own servers IP adress, which was also showing as being ignored by LFD.

Does this mean that any attacks on my site were being ignored due to how Nginx works? Yikes if so…

Putty is a weakness of mine, and also, I would be afraid of messing something up with a full install. So I have no clue how to get this running as easily as possible. Any advice here?

Hello,

please, tell us about your web-server structure, I mean software you use. We have the ruleset for Nginx at https://waf.comodo.com, which can be used with some Web-Host Management Systems (Webmin, DirectAdmin) and for standalone installation.

Whm/Cpanel Apache Nginx invision power services

Need any other specs?

Is there any chance of a vendor for Nginx? This I could handle.

There are two ways to use our rulesets:

  1. with Apache, using our rules as one of ModSecurity vendors or installing our WAF-plugin from https://waf.comodo.com
  2. use Nginx as proxy with corresponding ruleset from https://waf.comodo.com

We don’t provide Nginx ruleset as cPanel ModSecurity vendors.

Can I used the Nginx rule set without installing anything?

Sure.

You can download Nginx ruleset as described here (Signup is FREE COMODO Account Management ):
Comodo Help

To plug rules on official instruction can be used:
Home · SpiderLabs/ModSecurity Wiki · GitHub

Regards, Oleg

My webhost said that ngonx will never work properly with modsecurity, so I had nginx removed.

Yes, Nginx have some troubles with mod_security.
I’d suggest to use Apache+mod_security for protection.
Also ConfigServer Security & Firewall (ConfigServer Security and Firewall (csf) – ConfigServer Services) is good for bruteforce prevention.

Regards, Oleg