How VPS - How to use/setup VPS
  • Home
  • Management guides
    • Web servers software
      • Directadmin
      • Hocvps Script
      • Centmin Mod
      • CWP
      • Kloxo-MR
      • Plesk
    • Control Panels
    • Securing VPS/Servers
      • SSL Certificates
      • Upgrading
      • Authentication
  • Operating System
    • CentOS
    • Fedora
    • Debian
    • Linux
    • Arch
    • BSD
    • CoreOS
  • Reviews
  • Coupon
    • Domain Coupon
    • Hosting Coupon
No Result
View All Result
  • Home
  • Management guides
    • Web servers software
      • Directadmin
      • Hocvps Script
      • Centmin Mod
      • CWP
      • Kloxo-MR
      • Plesk
    • Control Panels
    • Securing VPS/Servers
      • SSL Certificates
      • Upgrading
      • Authentication
  • Operating System
    • CentOS
    • Fedora
    • Debian
    • Linux
    • Arch
    • BSD
    • CoreOS
  • Reviews
  • Coupon
    • Domain Coupon
    • Hosting Coupon
No Result
View All Result
How VPS - How to use/setup VPS
No Result
View All Result
Home Operating System Linux

Installing Naxsi On Ubuntu 14.04

How VPS by How VPS
January 1, 2020
in Linux
0
0
SHARES
66
VIEWS
Share on FacebookShare on Twitter

Contents

  1. Step 1A: Installing Naxsi without an existing Nginx installation
  2. Step 1B: Installing Naxsi with an existing Nginx installation
  3. Step 2: Editing Naxsi settings
  4. Step 3: Turning off learning mode
  5. Step 4: Restarting Naxsi
  6. Want to contribute?


Naxsi is a piece of software that extends Nginx (module). It provides a WAF (Web Application Firewall) and protects your sites from XSS and SQL injection, two well-known vulnerabilities. According to its developers, Naxsi is a low-maintenance module, so once installed you should see a considerably big boost in your site’s security without too much hassle.

In this doc, you’re going to see how we can add the Naxsi module to a new or existing Nginx installation on Ubuntu 14.04.

Step 1A: Installing Naxsi without an existing Nginx installation

Should you not have Nginx installed on your server yet, you should follow this step. If you already have an existing Nginx installation, follow step 1B. Before we’re going to install Naxsi, it might be smart to update our system. Do this by executing:

apt-get update

Next, we can install Naxsi. Using apt-get for the install, Naxsi and its dependencies will be installed. Naxsi will automatically be started on boot.

apt-get install nginx-naxsi

Step 1B: Installing Naxsi with an existing Nginx installation

Step 1A cannot be followed in case Nginx is already installed, as the nginx-naxsi package will be Nginx + Naxsi. If you already have Nginx and want Naxsi on top of that, generally, replacing the nginx-core package with the nginx-naxsi package should work fine. It is smart to create a backup of preferably your whole server, and the /etc/nginx/ directory should be backed up as well.

If possible, deploy a new server with a totally new Nginx installation using the nginx-naxsi package. If not, backup your server and type:

apt-get install nginx-naxsi

This should install Naxsi and replace the existing Nginx, but keep all your files.

Step 2: Editing Naxsi settings

In order to enable Naxsi, open the file /etc/nginx/nginx.conf:

vi /etc/nginx/nginx.conf

and find the following section:

# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##

# include /etc/nginx/naxsi_core.rules;

Remove the # in front of the include to load the Naxsi rules, which will enable Naxsi. After making that change, the line should look like this:

include /etc/nginx/naxsi_core.rules;

The configuration of Naxsi can be found in /etc/nginx/naxsi.rules. You can see what it does and optionally change some settings, depending on your needs and the type of website(s) that you host.

After enabling Naxsi and editing the configuration, we need to enable Naxsi for our default site manually. Open /etc/nginx/sites-enabled/default:

vi /etc/nginx/sites-enabled/default

In order to enable Naxsi on this location, remove the # if present, otherwise leave the include line that way and don’t add a #.

# Uncomment to enable naxsi on this location
include /etc/nginx/naxsi.rules;

Step 3: Turning off learning mode

In order to let Naxsi protect your site, we need to turn off the learning mode. Open /etc/nginx/naxsi.rules:

vi /etc/nginx/naxsi.rules

Find the string LearningMode, and place an # in front of it. That comments out the line and thus disable the learning mode in the config.

Step 4: Restarting Naxsi

Restart Nginx for the changes to take effect:

service nginx reload

You can now see any security warnings from Naxsi in the Nginx log:

tail -f /var/log/nginx/error.log

Want to contribute?

You could earn up to $300 by adding new articles

Submit your article
Suggest an update
Request an article
How VPS

How VPS

Related Posts

How to Install Apache Tomcat 8 on CentOS 7
Linux

How to Install Apache Tomcat 8 on CentOS 7?

February 11, 2020
Linux

Setup IonCube Loader on Ubuntu 14

January 1, 2020
Linux

Converting from MySQL to MariaDB on Ubuntu

January 1, 2020
Next Post

How to Install and Configure Elastic Stack (Elasticsearch, Logstash and Kibana) on Ubuntu 17.04

How to Install OpenSIPS Control Panel on Ubuntu 16.04

How to Install osTicket on Ubuntu 16.04

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Follow Us

  • 121 Followers
  • 87.2k Followers

Recommended

How to Install InvoicePlane on Debian 9

3 years ago

How to Install OroCRM on CentOS 7

3 years ago

How to Add a New Disk to an Existing Linux Server

4 years ago

Install a Minecraft Server on CentOS 6

3 years ago

Instagram

    Please install/update and activate JNews Instagram plugin.

Categories

  • Arch
  • Authentication
  • Backups
  • BSD
  • Centmin Mod
  • CentOS
  • Control Panels
  • CoreOS
  • CWP
  • Debian
  • Directadmin
  • Encryption
  • Fedora
  • Firewalls
  • Hocvps Script
  • Hosting providers
  • Kloxo-MR
  • Linux
  • Mitigations
  • Operating System
  • Plesk
  • Reviews
  • Securing VPS/Servers
  • Security Patches
  • SSL Certificates
  • Uncategorized
  • Upgrading
  • VPS/Servers management guides
  • Vulnerability Detection
  • Web servers software
  • Webhosting Control Panel

Topics

Apache Web Server Bluehost Review 2019 Bluehost Review 2020 Bluehost Review 2021 Centmin Mod CentminMod centos install htop fsck htop install HTTP DoS attack Install Snort on an Ubuntu install Zabbix on CentOS install Zabbix on CentOS 7 Linux Commands linux guide linux install htop linux vps setup guide MariaDB MariaDB Error Mysql mysqld error optimize MariaDB optimize Mysql snort Ubuntu
No Result
View All Result

Highlights

Top Free Web Hosting Control Panels To Manage VPS/Dedicated Servers

Webmin Reviews

Virtualmin Reviews

CentOS Web Panel Reviews

Ajenti Reviews

ISPConfig Reviews

Trending

Failed to download metadata for repo 'appstream' on Centos 8
CentOS

How to fix error: Failed to download metadata for repo ‘appstream’ on Centos 8

by How VPS
February 25, 2022
0

I tried to update some extensions by use yum on centOs which I specified in Dockerfile. After...

How to Fix MySQL Error "Plugin 'InnoDB' registration as a STORAGE ENGINE failed"?

How to Fix MySQL Error “Plugin ‘InnoDB’ registration as a STORAGE ENGINE failed”?

November 17, 2020
How to optimize Mysql or MariaDB

How to optimize Mysql or MariaDB

November 3, 2020
Top Free Web Hosting Control Panels To Manage VPS/Dedicated Servers

Top Free Web Hosting Control Panels To Manage VPS/Dedicated Servers

February 17, 2020
Webmin Reviews

Webmin Reviews

February 17, 2020
How VPS – How to use/setup VPS

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Visit our landing page to see all features & demos.
LEARN MORE »

Recent News

  • How to fix error: Failed to download metadata for repo ‘appstream’ on Centos 8 February 25, 2022
  • How to Fix MySQL Error “Plugin ‘InnoDB’ registration as a STORAGE ENGINE failed”? November 17, 2020
  • How to optimize Mysql or MariaDB November 3, 2020

Categories

  • Arch
  • Authentication
  • Backups
  • BSD
  • Centmin Mod
  • CentOS
  • Control Panels
  • CoreOS
  • CWP
  • Debian
  • Directadmin
  • Encryption
  • Fedora
  • Firewalls
  • Hocvps Script
  • Hosting providers
  • Kloxo-MR
  • Linux
  • Mitigations
  • Operating System
  • Plesk
  • Reviews
  • Securing VPS/Servers
  • Security Patches
  • SSL Certificates
  • Uncategorized
  • Upgrading
  • VPS/Servers management guides
  • Vulnerability Detection
  • Web servers software
  • Webhosting Control Panel

[mc4wp_form]

© 2018 JNews - City News Magazine WordPress theme. All rights belong to their respective owners.
JNews is a top selling 2018 WordPress News, Blog, Newspaper & Magazine Theme.

No Result
View All Result
  • Home

© 2023 JNews - Premium WordPress news & magazine theme by Jegtheme.