[Article proposal] Setting a WAF with modsecurity for nginx

Article Summary:

Showcase newly added nginx-mod-modsecurity package that is a connector for libmodsecurity (ModSecurity v3). modsecurity for httpd has been part of Fedora/RHEL since many years ago, so sould like to focus on nginx.

Article Description:
The proposal would be to briefly explain what a WAF does and how can help to secure webservers, introduce (lib)modsecurity and continue with installing nginx’s modsecurity conector nginx-mod-modsecurity.

The flow of the article could be:

  • What is a WAF?
  • What is modsecurity?
  • Configure libmodsecurity and nginx-mod-modsecurity
  • Create a custom rule to test the install
  • Extend with with new rules (pending on a proposal to mod_security_crs)

A big +1! This sounds like a great article for Fedora Magazine.

+1 from me, @mikelo2
I’ve created Pagure ticket #190 to track this article and it is assigned to you.

Please use comments on this ticket if you have questions or need to communicate with the editors about anything.

When you have it ready to review in the Fedora Magazine WordPress site, please leave a comment in this ticket with a preview link and we will start the review process.

Thanks for volunteering to write for the magazine.