Nginx + ModSecurity 报错


This version of ModSecurity was not compiled with GeoIP or MaxMind support

nginx集成modsecurity启动报错

nginx: [emerg] “modsecurity_rules_file” directive Rules error. File: /usr/local/nginx/conf/modsecurity/rules/REQUEST-910-IP-REPUTATION.conf. Line: 73. Column: 22. This version of ModSecurity was not compiled with GeoIP or MaxMind support. in /usr/local/nginx/conf/nginx.conf:21

因为没有编译 GeoIP 。如果暂时不需要此功能,注释这条规则

#SecRule TX:HIGH_RISK_COUNTRY_CODES "!@rx ^$" \
#    "id:910100,\
#    phase:2,\
#    block,\
#    t:none,\
#    msg:'Client IP is from a HIGH Risk Country Location.',\
#    logdata:'%{MATCHED_VAR}',\
#    tag:'application-multi',\
#    tag:'language-multi',\
#    tag:'platform-multi',\
#    tag:'attack-reputation-ip',\
#    tag:'paranoia-level/1',\
#    severity:'CRITICAL',\
#    chain"
#    SecRule TX:REAL_IP "@geoLookup" \
#        "chain"
#        SecRule GEO:COUNTRY_CODE "@within %{tx.high_risk_country_codes}" \
#            "setvar:'tx.anomaly_score_pl1=+%{tx.critical_anomaly_score}',\
#            setvar:'ip.reput_block_flag=1',\
#            setvar:'ip.reput_block_reason=%{rule.msg}',\
#            expirevar:'ip.reput_block_flag=%{tx.reput_block_duration}'"


你可能感兴趣的:(nginx,modsecurity)