You need to remember this : NGINX will decide the order of modules according
the order of the module's directive in nginx's ./configure. So, no matter what
(except you really know what you are doing) put naxsi first in your
./configure. If you don't do so, you might run into various problems, from
random / unpredictable behaviors to non-effective WAF.
And the example shows the module coming before any other modules and nginx
configure directives:
./configure --add-module=../naxsi-x.xx/naxsi_src/ [add/remove your favorite/usual options]
My question is whether it's crucial that naxsi is literally the first option
to the configure script (i.e. including all other nginx configure options like
--with-debug, --error-log-path) or whether it needs to be the first module
before any core nginx modules like --with-http_ssl_module and --with-http_v2_module
or whether it just needs to be the first third-party module?
I'm asking, because I'd like to make sure my nginx building project does the right thing.
In the wiki page on compiling nginx and naxsi you mention:
And the example shows the module coming before any other modules and nginx configure directives:
My question is whether it's crucial that naxsi is literally the first option to the configure script (i.e. including all other nginx configure options like
--with-debug
,--error-log-path
) or whether it needs to be the first module before any core nginx modules like--with-http_ssl_module
and--with-http_v2_module
or whether it just needs to be the first third-party module?I'm asking, because I'd like to make sure my nginx building project does the right thing.