Open duongtuankiet opened 1 month ago
If u just want to test lua script with crs rule, u can try leveryd/modsecurity:CVE-2024-1019
image, edit /tmp/debug.lua
and test it.
~ # docker run -ti -p 80:80 -e ERRORLOG=/tmp/nginx_error.log -e MODSEC_DEBUG_LOG=/tmp/debug.log -e MODSEC_DEBUG_LOGLEVEL=9 -e MODSEC_AUDIT_LOG=/tmp/audit.log -e BACKEND=http://10.56.58.13:8888 leveryd/modsecurity:CVE-2024-1019
Hi @duongtuankiet,
I'm really sorry for late reply, I completely forgot this issue - sorry.
I have installed Lua 5.4, Nginx 1.20.1, Modsecurity V3 and this is my config Modsecurity
are you sure you installed ModSecurity with Lua?
What was your configure
options? (If you still have your source tree, you can find that in config.log
file, on the top.)
> * LUA ....found v504
> -llua-5.4 -L/usr/lib64/, -DWITH_LUA -DWITH_LUA_5_4 -I/usr/include
this means autotools finds the Lua libraries.
If you want to use Lua support, you must pass explicitly the argument to configure
script:
./configure ... ... --with-lua ...
Without that you will get this result.
I have installed Lua 5.4, Nginx 1.20.1, Modsecurity V3 and this is my config Modsecurity
Log Nginx :
My Rule :
please help me