mirror of
https://github.com/ADD-SP/ngx_waf.git
synced 2026-04-26 22:15:55 +03:00
[GH-ISSUE #83] 楼主有一个问题 宝塔安装Current 版本 会checking for modsecurity library ... not found #58
Labels
No labels
MacOS
Nginx
OpenResty
Tengine
bug
documentation
enhancement
needs-investigation
pull-request
question
stale
stale
stale
timeout
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/ngx_waf#58
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @ylwzbk on GitHub (Jan 10, 2022).
Original GitHub issue: https://github.com/ADD-SP/ngx_waf/issues/83
系统版本。centos。 7.9
WAF版本 Current
宝塔编译时出现这个
checking for modsecurity library ... not found
./configure: error: the ngx_http_waf_module module requires the modsecurity library.
Please run:
On Ubuntu or Debian:
apt-get update && apt-get install --yes libmodsecurity3 libmodsecurity-dev
按照 教程是运行了 modsecurity 操作
编译WAF,LTS版本 的是 无这个问题。 环境变量 设置也没问题 奇了怪了
@ADD-SP commented on GitHub (Jan 10, 2022):
我没看懂你的描述。
@ylwzbk commented on GitHub (Jan 10, 2022):
我第一次安装LTS 版本的WAF 正常
后面我想安装 Current 版本时 shell 显示
adding module in /usr/local/src/ngx_waf
checking for modsecurity library ... not found
./configure: error: the ngx_http_waf_module module requires the modsecurity library.
Please run:
安装 ModSecurity v3 操作也是教程上 跑的
cd /usr/local/src
git clone -b v3.0.5 https://github.com/SpiderLabs/ModSecurity.git
cd ModSecurity
chmod +x build.sh
./build.sh
git submodule init
git submodule update
./configure --prefix=/usr/local/modsecurity --with-maxmind=/usr/local/libmaxminddb
make -j$(nproc)
make install
安装 LTS 的版本正常
只有安装 Current 版本会这样
环境变量添加的这个也没问题
export LIB_SODIUM=/usr/local/libsodium
export LIB_MODSECURITY=/usr/local/modsecurity
@ADD-SP commented on GitHub (Jan 10, 2022):
确定上述命令都执行成功了么?是否清空过宝塔缓存?是否重启过宝塔?
@ylwzbk commented on GitHub (Jan 10, 2022):
命令都执行成功了 ,就卡在 找不到 modsecurity 模块 其他都没问题, 都重启了 就是编译 找不到 奇了怪了
@ADD-SP commented on GitHub (Jan 10, 2022):
检查一下
/usr/local/modsecurity是否存在,以及是否为空。@ylwzbk commented on GitHub (Jan 10, 2022):
[root@VM-16-10-centos modsecurity]# ls /usr/local/modsecurity
AUTHORS build.sh examples LICENSE others tools
bin CHANGES headers Makefile.am README.md unicode.mapping
bindings configure.ac include modsecurity.conf-recommended src
build doc lib modsecurity.pc.in test
[root@VM-16-10-centos modsecurity]#
存在 也安装成功了 宝塔扩展安装就是说 找不到 扩展我也纳闷了
@ADD-SP commented on GitHub (Jan 10, 2022):
你不会直接把
modsecurity的源码拷贝到/usr/local/modsecurity了吧?@ylwzbk commented on GitHub (Jan 10, 2022):
正常的./configure 编译 依旧是 checking for modsecurity library ... not found 就是不行 我有点怀疑是不是这傻逼宝塔的问题了
@ADD-SP commented on GitHub (Jan 10, 2022):
你是不是把
modsecurity的源码拷贝到/usr/local/modsecurity?@ylwzbk commented on GitHub (Jan 10, 2022):
第一次是拷贝源码到/usr/local/modsecurity了 nginx 还是提示找不到 第二次 rm删除了 /usr/local/modsecurity 再次 ./configure 编译 nginx 编译的时候还是 checking for modsecurity library ... not found
@ADD-SP commented on GitHub (Jan 10, 2022):
不应该拷贝源码,应该正常编译安装 modsecurity,顺便,现在应该安装 modsecurity v3.0.6。你重新下载安装一下。
@ADD-SP commented on GitHub (Jan 10, 2022):
@ylwzbk commented on GitHub (Jan 10, 2022):
我试试看 国内主机 git submodule update 卡住了
@ylwzbk commented on GitHub (Jan 10, 2022):
使用了
rm -rf /usr/local/modsecurity
cd /usr/local/src
git clone -b v3.0.6 https://github.com/SpiderLabs/ModSecurity.git
cd ModSecurity
chmod +x build.sh
./build.sh
git submodule init
git submodule update
./configure --prefix=/usr/local/modsecurity --with-maxmind=/usr/local/libmaxminddb
make -j$(nproc)
make install
编译nginx 依旧 checking for modsecurity library ... not found
@ADD-SP commented on GitHub (Jan 11, 2022):
继续检查目录
/usr/local/modsecurity的内容。@ylwzbk commented on GitHub (Jan 11, 2022):
root@VM-16-10-centos modsecurity]# tree -a
.
|-- bin
|
-- modsec-rules-check |-- include |-- modsecurity| |-- actions
| |
-- action.h | |-- anchored_set_variable.h | |-- anchored_set_variable_translation_proxy.h | |-- anchored_variable.h | |-- audit_log.h | |-- collection | | |-- collection.h | |-- collections.h| |-- debug_log.h
| |-- intervention.h
| |-- modsecurity.h
| |-- reading_logs_via_rule_message.h
| |-- rule.h
| |-- rule_marker.h
| |-- rule_message.h
| |-- rules_exceptions.h
| |-- rules.h
| |-- rules_set.h
| |-- rules_set_phases.h
| |-- rules_set_properties.h
| |-- rule_unconditional.h
| |-- rule_with_actions.h
| |-- rule_with_operator.h
| |-- transaction.h
| |-- variable_origin.h
|
-- variable_value.h-- lib|-- libmodsecurity.a
|-- libmodsecurity.la
|-- libmodsecurity.so -> libmodsecurity.so.3.0.6
|-- libmodsecurity.so.3 -> libmodsecurity.so.3.0.6
|-- libmodsecurity.so.3.0.6
-- pkgconfig-- modsecurity.pc7 directories, 32 files
[root@VM-16-10-centos modsecurity]# tree -f
.
|-- ./bin
|
-- ./bin/modsec-rules-check |-- ./include |-- ./include/modsecurity| |-- ./include/modsecurity/actions
| |
-- ./include/modsecurity/actions/action.h | |-- ./include/modsecurity/anchored_set_variable.h | |-- ./include/modsecurity/anchored_set_variable_translation_proxy.h | |-- ./include/modsecurity/anchored_variable.h | |-- ./include/modsecurity/audit_log.h | |-- ./include/modsecurity/collection | | |-- ./include/modsecurity/collection/collection.h | |-- ./include/modsecurity/collection/collections.h| |-- ./include/modsecurity/debug_log.h
| |-- ./include/modsecurity/intervention.h
| |-- ./include/modsecurity/modsecurity.h
| |-- ./include/modsecurity/reading_logs_via_rule_message.h
| |-- ./include/modsecurity/rule.h
| |-- ./include/modsecurity/rule_marker.h
| |-- ./include/modsecurity/rule_message.h
| |-- ./include/modsecurity/rules_exceptions.h
| |-- ./include/modsecurity/rules.h
| |-- ./include/modsecurity/rules_set.h
| |-- ./include/modsecurity/rules_set_phases.h
| |-- ./include/modsecurity/rules_set_properties.h
| |-- ./include/modsecurity/rule_unconditional.h
| |-- ./include/modsecurity/rule_with_actions.h
| |-- ./include/modsecurity/rule_with_operator.h
| |-- ./include/modsecurity/transaction.h
| |-- ./include/modsecurity/variable_origin.h
|
-- ./include/modsecurity/variable_value.h-- ./lib|-- ./lib/libmodsecurity.a
|-- ./lib/libmodsecurity.la
|-- ./lib/libmodsecurity.so -> libmodsecurity.so.3.0.6
|-- ./lib/libmodsecurity.so.3 -> libmodsecurity.so.3.0.6
|-- ./lib/libmodsecurity.so.3.0.6
-- ./lib/pkgconfig-- ./lib/pkgconfig/modsecurity.pc7 directories, 32 files
目录也没问题
@ADD-SP commented on GitHub (Jan 11, 2022):
执行命令
echo $LIB_MODSECURITY,输出是什么?@ylwzbk commented on GitHub (Jan 11, 2022):
输出 就是
[root@VM-16-10-centos modsecurity]# echo $LIB_MODSECURITY
/usr/local/modsecurity
[root@VM-16-10-centos modsecurity]#
@ADD-SP commented on GitHub (Jan 11, 2022):
这两行添加到
/etc/profile里了么?@ylwzbk commented on GitHub (Jan 11, 2022):
添加了 也 source /etc/profile 了
@ADD-SP commented on GitHub (Jan 11, 2022):
见了鬼了。
@ylwzbk commented on GitHub (Jan 11, 2022):
对啊 我也是 郁闷了 明明啥都没有错 nginx 编译他给我报这个找不到模块的错误
@ADD-SP commented on GitHub (Jan 11, 2022):
会手动编译 nginx 么?手动走一遍流程试试。如果失败源码目录下会有一个
objs/autoconf.err,内容贴出来。@ylwzbk commented on GitHub (Jan 11, 2022):
行 我手动编译一遍看看
@ylwzbk commented on GitHub (Jan 11, 2022):
行了 宝塔的毛病 手动编译 正常 没问题
@ylwzbk commented on GitHub (Jan 11, 2022):
多谢大哥
@ylwzbk commented on GitHub (Jan 13, 2022):
大哥 我通过修改了 宝塔默认安装nginx.sh 脚本安装成功了WAF 但是有添加防cc 配置的时候
waf_cc_deny on rate=1000r/m duration=60m zone=waf:cc;
会提示 ERROR:
nginx: [emerg] ngx_waf: zone name does not exists (22: Invalid argument) in /www/server/panel/vhost/nginx/waf.test.com.conf:16
nginx: configuration file /www/server/nginx/conf/nginx.conf test failed
nginx -V 里面有也有ngx_waf
@ADD-SP commented on GitHub (Jan 13, 2022):
https://add-sp.github.io/ngx_waf-docs/zh-cn/advance/directive.html#waf
@ylwzbk commented on GitHub (Jan 13, 2022):
我丢 不好意思 大哥 怪我 没仔细看教程