Alexis ,hope you read this mate. Just wanted to write that none of my lectures can explain in the way you do. Perspective of your lessons are on one of the highest levels. My route is Digital forensics and cybersecurity, and because of you I'm hungry for more knowledge. Big THANK YOU . DANKE
@@HackerSploit I cant wait to learn more from you. If you have discord group or maybe planning to create one ,I'm in. The content , explanations, and the way you teach are seriously one of the best. I have so many questions ,that I'd like to ask you to put me on the right path (focus to go in right direction) regards.
Very detailed and informative. However, please check that the path mentioned in Step 3 of Configuring Modsecurity is incorrect. This can cause confusion for newbies because the path is not correct
There is an error in your documentation in the section configure modsecurity. Either the path to copy or config from/to are wrong or you left a step to create the directories. Please, check. Thanks.
If you were to do this for a friend/client and secure their server for their website what would be a fair price to charge as a freelance engineer? They already have a website the web designer just hasn’t secured or optimised anything.
@@danlegend3104 Thank you for the clarification, in that case depending on your skill level I would suggest anywhere from 30-50$ per hour. This is just a rough estimate based on the nature of the work likely will be doing.
Hi i have a question What if ubuntu is upgraded / updated , so maybe there can be a higher version of nginx (example 1.25) ! (can nginx be upgraded if we upgrade Ubuntu version? I don't know this buy the way ) So we composed module from nginx 1.14 nginx file Is tihs make a problem?
Hello. Thanks forthe video. I was installing the modsecurity for nginx but I run into trouble. This is the error message i got "adding module in /build/nginx-qDpDX0/nginx-1.18.0/debian/modules/http-geoip2 ./configure: error: no /build/nginx-qDpDX0/nginx-1.18.0/debian/modules/http-geoip2/config was found" Can you help on this. the ubuntu system is 22. and there is no help on this on the internet.
cool video! is there a app or way to get notifications of IPs violating rules, what rule and what url and button to send to fail2ban jail? if not ill dev one
I have done everything as you have said, but after running the command "sudo nginx -t" to test nginx syntax, it throws an error saying modsecurity_rules_file" directive Rules error. File: /usr/local/modsecurity-crs/rules/REQUEST-922-MULTIPART-ATTACK.conf Then i removed the file and everything worked fine. But it is an important config file why is this happeing.
Alexis ,hope you read this mate. Just wanted to write that none of my lectures can explain in the way you do. Perspective of your lessons are on one of the highest levels. My route is Digital forensics and cybersecurity, and because of you I'm hungry for more knowledge. Big THANK YOU . DANKE
Hello, thank you very much for your support. I am glad you find value in the videos. That is great, we have an upcoming series on forensics.
@@HackerSploit I cant wait to learn more from you. If you have discord group or maybe planning to create one ,I'm in. The content , explanations, and the way you teach are seriously one of the best. I have so many questions ,that I'd like to ask you to put me on the right path (focus to go in right direction) regards.
Awesome tutorial - first shot it worked like charm on nginx 1.18 and Ubuntu server 20.04 focal fossa ❤️ love it
How People Get Infected With Malicious Word Document':
ua-cam.com/video/E-Xc_bQyG2c/v-deo.html
Thank goodness you’re back👊🏾👊🏾
Documentation: www.linode.com/docs/guides/securing-nginx-with-modsecurity/
Excellent! Thank you for the step by step tour!
its very clear guide. Thank you for high quality content
Very detailed and informative. However, please check that the path mentioned in Step 3 of Configuring Modsecurity is incorrect. This can cause confusion for newbies because the path is not correct
Hey , can you tell me how to get around this ?? please :) ?
Thank you alexis, you make me curious on WAF … 😊
Thank you. This was very helpful.
Thank you from Vietnam.
Hi,
My all 12 cores of my server shoots to 100% usage after turning the Modsecurity On. It works fine after turning it off.
What is wrong?
does it work for ubuntu 22?
Great video. What are your thoughts on NAXSI? Modsec has a huge performance hit. NAXSI is supposed to be a lot faster
There is an error in your documentation in the section configure modsecurity. Either the path to copy or config from/to are wrong or you left a step to create the directories. Please, check. Thanks.
Errors are sometimes put in on purpose. Makes it easier to sell support contracts. Also evil.
LET'S GOOO we got 3 vids in one day
Bro you beat me in a few seconds for the first comment .😅
@@mbm6048 damn u were close congrats
Perfect ! many thanks to you !
How to see the log file of preventions?
If you were to do this for a friend/client and secure their server for their website what would be a fair price to charge as a freelance engineer? They already have a website the web designer just hasn’t secured or optimised anything.
It depends on the scale of the project and cost factor. Do you charge per hour?
@@HackerSploit hourly or per day which ever is cheaper for them, that’s usually how repeat business is kept over here in the Uk
@@danlegend3104 Thank you for the clarification, in that case depending on your skill level I would suggest anywhere from 30-50$ per hour. This is just a rough estimate based on the nature of the work likely will be doing.
Can please you list the tools you installed post the NGINx install
Hi i have a question
What if ubuntu is upgraded / updated , so maybe there can be a higher version of nginx (example 1.25) !
(can nginx be upgraded if we upgrade Ubuntu version? I don't know this buy the way )
So we composed module from nginx 1.14 nginx file
Is tihs make a problem?
can UFW and modsecurity coexist? or would it be better to use only one? Thanks a lot!!
UFW is a layer 3 firewall modsecurity is layer 7
Is there some docker version which all tools enabled and still you can check what has been installed with dockerfile or so :)
why you keep switching OS sometimes parrot sometimes kali sometimes ubuntu
Thank you alexis
how to host a static php website in nginx server
Can you upload video waf nginx on centOS 8.5 ?
3 videos in less than 2 hrs today?
My only complaint is something this complicated should be automated with an Ansible playbook or Chef cookbook, IMHO
What tool is used identify the defects in bug bounty please tell bro
Hello. Thanks forthe video. I was installing the modsecurity for nginx but I run into trouble. This is the error message i got "adding module in /build/nginx-qDpDX0/nginx-1.18.0/debian/modules/http-geoip2
./configure: error: no /build/nginx-qDpDX0/nginx-1.18.0/debian/modules/http-geoip2/config was found"
Can you help on this. the ubuntu system is 22. and there is no help on this on the internet.
Did you resolve this ? I'm facing the samething
Cool awesome video
cool video! is there a app or way to get notifications of IPs violating rules, what rule and what url and button to send to fail2ban jail? if not ill dev one
Not yet, that is a great video idea. I will definitely work on this.
@@HackerSploit , excellent , thanks! lets dev it together in flutter , u wanna, if nothings out there already?
thank you very much
I don't know why but You looks like my elder brother 😂 ...
Can ece stream guy learn ethical hacking?
Bro can you make a video "impact of AI in cybersecurity and future of jobs in cybersecurity" please?
Missed your voice more than your videos. Lol 😅
Yp
good video
amazing
Nobody finished the Video, I bet . Cuz it's just 3 minutes after Release 😂😂
YESSIR
just change the SELinux context thats it. No need of Mob Security.
thank very much. very useful video .You speak very fast man ... a little slower please
Hello
First
EDIT:Damn
Lolka
Hww k worked
I have done everything as you have said, but after running the command "sudo nginx -t" to test nginx syntax, it throws an error saying modsecurity_rules_file" directive Rules error. File: /usr/local/modsecurity-crs/rules/REQUEST-922-MULTIPART-ATTACK.conf Then i removed the file and everything worked fine. But it is an important config file why is this happeing.