Alexis ,hope you read this mate. Just wanted to write that none of my lectures can explain in the way you do. Perspective of your lessons are on one of the highest levels. My route is Digital forensics and cybersecurity, and because of you I'm hungry for more knowledge. Big THANK YOU . DANKE
@@HackerSploit I cant wait to learn more from you. If you have discord group or maybe planning to create one ,I'm in. The content , explanations, and the way you teach are seriously one of the best. I have so many questions ,that I'd like to ask you to put me on the right path (focus to go in right direction) regards.
Very detailed and informative. However, please check that the path mentioned in Step 3 of Configuring Modsecurity is incorrect. This can cause confusion for newbies because the path is not correct
Hi i have a question What if ubuntu is upgraded / updated , so maybe there can be a higher version of nginx (example 1.25) ! (can nginx be upgraded if we upgrade Ubuntu version? I don't know this buy the way ) So we composed module from nginx 1.14 nginx file Is tihs make a problem?
There is an error in your documentation in the section configure modsecurity. Either the path to copy or config from/to are wrong or you left a step to create the directories. Please, check. Thanks.
If you were to do this for a friend/client and secure their server for their website what would be a fair price to charge as a freelance engineer? They already have a website the web designer just hasn’t secured or optimised anything.
@@danlegend3104 Thank you for the clarification, in that case depending on your skill level I would suggest anywhere from 30-50$ per hour. This is just a rough estimate based on the nature of the work likely will be doing.
Hello. Thanks forthe video. I was installing the modsecurity for nginx but I run into trouble. This is the error message i got "adding module in /build/nginx-qDpDX0/nginx-1.18.0/debian/modules/http-geoip2 ./configure: error: no /build/nginx-qDpDX0/nginx-1.18.0/debian/modules/http-geoip2/config was found" Can you help on this. the ubuntu system is 22. and there is no help on this on the internet.
cool video! is there a app or way to get notifications of IPs violating rules, what rule and what url and button to send to fail2ban jail? if not ill dev one
I have done everything as you have said, but after running the command "sudo nginx -t" to test nginx syntax, it throws an error saying modsecurity_rules_file" directive Rules error. File: /usr/local/modsecurity-crs/rules/REQUEST-922-MULTIPART-ATTACK.conf Then i removed the file and everything worked fine. But it is an important config file why is this happeing.
Alexis ,hope you read this mate. Just wanted to write that none of my lectures can explain in the way you do. Perspective of your lessons are on one of the highest levels. My route is Digital forensics and cybersecurity, and because of you I'm hungry for more knowledge. Big THANK YOU . DANKE
Hello, thank you very much for your support. I am glad you find value in the videos. That is great, we have an upcoming series on forensics.
@@HackerSploit I cant wait to learn more from you. If you have discord group or maybe planning to create one ,I'm in. The content , explanations, and the way you teach are seriously one of the best. I have so many questions ,that I'd like to ask you to put me on the right path (focus to go in right direction) regards.
Documentation: www.linode.com/docs/guides/securing-nginx-with-modsecurity/
Thank goodness you’re back👊🏾👊🏾
Hi,
My all 12 cores of my server shoots to 100% usage after turning the Modsecurity On. It works fine after turning it off.
What is wrong?
Awesome tutorial - first shot it worked like charm on nginx 1.18 and Ubuntu server 20.04 focal fossa ❤️ love it
How People Get Infected With Malicious Word Document':
ua-cam.com/video/E-Xc_bQyG2c/v-deo.html
Excellent! Thank you for the step by step tour!
Thank you alexis, you make me curious on WAF … 😊
its very clear guide. Thank you for high quality content
Very detailed and informative. However, please check that the path mentioned in Step 3 of Configuring Modsecurity is incorrect. This can cause confusion for newbies because the path is not correct
Hey , can you tell me how to get around this ?? please :) ?
Hi i have a question
What if ubuntu is upgraded / updated , so maybe there can be a higher version of nginx (example 1.25) !
(can nginx be upgraded if we upgrade Ubuntu version? I don't know this buy the way )
So we composed module from nginx 1.14 nginx file
Is tihs make a problem?
How to see the log file of preventions?
Thank you. This was very helpful.
does it work for ubuntu 22?
same question, it work for you ?
Can please you list the tools you installed post the NGINx install
There is an error in your documentation in the section configure modsecurity. Either the path to copy or config from/to are wrong or you left a step to create the directories. Please, check. Thanks.
Errors are sometimes put in on purpose. Makes it easier to sell support contracts. Also evil.
Thank you from Vietnam.
Is there some docker version which all tools enabled and still you can check what has been installed with dockerfile or so :)
why you keep switching OS sometimes parrot sometimes kali sometimes ubuntu
What tool is used identify the defects in bug bounty please tell bro
If you were to do this for a friend/client and secure their server for their website what would be a fair price to charge as a freelance engineer? They already have a website the web designer just hasn’t secured or optimised anything.
It depends on the scale of the project and cost factor. Do you charge per hour?
@@HackerSploit hourly or per day which ever is cheaper for them, that’s usually how repeat business is kept over here in the Uk
@@danlegend3104 Thank you for the clarification, in that case depending on your skill level I would suggest anywhere from 30-50$ per hour. This is just a rough estimate based on the nature of the work likely will be doing.
how to host a static php website in nginx server
Can you upload video waf nginx on centOS 8.5 ?
can UFW and modsecurity coexist? or would it be better to use only one? Thanks a lot!!
UFW is a layer 3 firewall modsecurity is layer 7
Great video. What are your thoughts on NAXSI? Modsec has a huge performance hit. NAXSI is supposed to be a lot faster
Perfect ! many thanks to you !
Thank you alexis
Hello. Thanks forthe video. I was installing the modsecurity for nginx but I run into trouble. This is the error message i got "adding module in /build/nginx-qDpDX0/nginx-1.18.0/debian/modules/http-geoip2
./configure: error: no /build/nginx-qDpDX0/nginx-1.18.0/debian/modules/http-geoip2/config was found"
Can you help on this. the ubuntu system is 22. and there is no help on this on the internet.
Did you resolve this ? I'm facing the samething
cool video! is there a app or way to get notifications of IPs violating rules, what rule and what url and button to send to fail2ban jail? if not ill dev one
Not yet, that is a great video idea. I will definitely work on this.
@@HackerSploit , excellent , thanks! lets dev it together in flutter , u wanna, if nothings out there already?
Cool awesome video
I have done everything as you have said, but after running the command "sudo nginx -t" to test nginx syntax, it throws an error saying modsecurity_rules_file" directive Rules error. File: /usr/local/modsecurity-crs/rules/REQUEST-922-MULTIPART-ATTACK.conf Then i removed the file and everything worked fine. But it is an important config file why is this happeing.
LET'S GOOO we got 3 vids in one day
Bro you beat me in a few seconds for the first comment .😅
@@mbm6048 damn u were close congrats
thank you very much
Can ece stream guy learn ethical hacking?
My only complaint is something this complicated should be automated with an Ansible playbook or Chef cookbook, IMHO
3 videos in less than 2 hrs today?
good video
amazing
YESSIR
Bro can you make a video "impact of AI in cybersecurity and future of jobs in cybersecurity" please?
Missed your voice more than your videos. Lol 😅
Yp
I don't know why but You looks like my elder brother 😂 ...
thank very much. very useful video .You speak very fast man ... a little slower please
just change the SELinux context thats it. No need of Mob Security.
Nobody finished the Video, I bet . Cuz it's just 3 minutes after Release 😂😂
First
EDIT:Damn
Hello
Hww k worked
Lolka