nginx中使用waf防火墙
1.安装依赖
yum install -y readline-devel ncurses-devel
2.安装Lua
# tar xf lua-5.1.5.tar.gz # cd lua-5.1.5 # make linux # make install
3.安装LuaJIT
# wget http://luajit.org/download/LuaJIT-2.0.4.tar.gz # tar xf LuaJIT-2.0.4.tar.gz # cd LuaJIT-2.0.4 # make && make install
4.安装两个插件
# wget https://codeload.github.com/simpl/ngx_devel_kit/zip/master # unzip ngx_devel_kit-master.zip # cp -r ngx_devel_kit-master /usr/local/ # wget https://github.com/openresty/lua-nginx-module#readme # unzip lua-nginx-module-master.zip # cp -r lua-nginx-module-master /usr/local/
5.给已经安装过的nginx打补丁,没装过就直接装,方法一样
# export LUAJIT_LIB=/usr/local/lib # export LUAJIT_INC=/usr/local/include/luajit-2.0 如果已经安装过nginx,就需要检查nginx的编译参数;如果没有装过,就不需要检查。 # /usr/local/nginx/sbin/nginx -V 打补丁时需要带上这些参数,剩余的--add-module就是新加的模块 ./configure --prefix=/usr/local/nginx-1.4.7
--with-http_stub_status_module \
--with-http_ssl_module \
--add-module=/usr/local/ngx_devel_kit-0.2.19 \
--add-module=/usr/local/lua-nginx-module-0.9.6 \
--with-ld-opt="-Wl,-rpath,$LUAJIT_LIB"
# make -j2 # make install
ln -s /usr/local/lib/libluajit-5.1.so.2.0.3 /lib64/libluajit-5.1.so.2
6.配置nginx
lua_shared_dict limit 50m; lua_package_path "/jboss/nginx-1.4.7/conf/waf/?.lua"; init_by_lua_file "/jboss/nginx-1.4.7/conf/waf/init.lua"; access_by_lua_file "/jboss/nginx-1.4.7/conf/waf/access.lua";
7.重载nginx即可