On Tue, Jan 22, 2019 at 11:29:01AM -0500, SoftwareInforJam wrote:> I am have a queer problem with the port mod_security3. I > actually want to set it up to work with NGINX. The port > /usr/ports/www/mod_security3 exists but when I do a > # pkg install mod_security3 > I get > ???pkg: No packages available to install matching 'mod_security3' > have been found in the repositories??? > > When I do a pkg search ???mod_security*??? only > ap24-mod_security-2.9.2_3 Intrusion detection and prevention > engine. So only version 2.9 shows up. Not sure why this is > happening. Can anyone shed some light on this please?I'm no expert on mod_security, but my guess, based on reading https://www.linuxjournal.com/content/modsecurity-and-nginx, is that previous (to v3) versions of mod_security worked _only_ with apache. And it seems likely that the port has not yet been updated to the newest v3. Also based on the article, it seems that getting even mod_security v3 to work with nginx is slightly complicated, as building it depends on the specific version of nginx that is installed. -- gregory byshenk - gbyshenk at byshenk.net - Leiden, NL
On Jan 22, 2019, at 1:54 PM, Gregory Byshenk <freebsd at byshenk.net> wrote:> > On Tue, Jan 22, 2019 at 11:29:01AM -0500, SoftwareInforJam wrote: > >> I am have a queer problem with the port mod_security3. I >> actually want to set it up to work with NGINX. The port >> /usr/ports/www/mod_security3 exists but when I do a >> # pkg install mod_security3 >> I get >> ???pkg: No packages available to install matching 'mod_security3' >> have been found in the repositories??? >> >> When I do a pkg search ???mod_security*??? only >> ap24-mod_security-2.9.2_3 Intrusion detection and prevention >> engine. So only version 2.9 shows up. Not sure why this is >> happening. Can anyone shed some light on this please? > > I'm no expert on mod_security, but my guess, based on reading > https://www.linuxjournal.com/content/modsecurity-and-nginx, > is that previous (to v3) versions of mod_security worked > _only_ with apache. > > And it seems likely that the port has not yet been updated to > the newest v3. > > Also based on the article, it seems that getting even mod_security > v3 to work with nginx is slightly complicated, as building it > depends on the specific version of nginx that is installed.ModSecurity 3 ? working natively with nginx ? is significantly different than prior versions, although in this case I think it?s merely a matter of not searching for the correct package name: here are the two packages (not ports) available ? note the name change for v3. You?ll need to install ?modsecurity3? via packages for that version. (Your search for mod_security* was too restrictive and didn?t show you the v3 package, since it omits the underscore.) $ pkg search mod | grep security ap24-mod_security-2.9.2_3 Intrusion detection and prevention engine modsecurity3-3.0.3_1 Intrusion detection and prevention engine Thanks, ? Matt Garber
Ah. Got that. Thank you. I had just assumed that the name would be the same as the name of the port. I am going to try again. Thanks again. Sent from Mail for Windows 10 From: Gregory Byshenk Sent: Tuesday, January 22, 2019 1:54 PM To: freebsd-stable at freebsd.org; SoftwareInforJam Subject: Re: Issue with mod_security3 On Tue, Jan 22, 2019 at 11:29:01AM -0500, SoftwareInforJam wrote:> I am have a queer problem with the port mod_security3. I > actually want to set it up to work with NGINX. The port > /usr/ports/www/mod_security3 exists but when I do a > # pkg install mod_security3 > I get > ???pkg: No packages available to install matching 'mod_security3' > have been found in the repositories??? > > When I do a pkg search ???mod_security*??? only > ap24-mod_security-2.9.2_3 Intrusion detection and prevention > engine. So only version 2.9 shows up. Not sure why this is > happening. Can anyone shed some light on this please?I'm no expert on mod_security, but my guess, based on reading https://www.linuxjournal.com/content/modsecurity-and-nginx, is that previous (to v3) versions of mod_security worked _only_ with apache. And it seems likely that the port has not yet been updated to the newest v3. Also based on the article, it seems that getting even mod_security v3 to work with nginx is slightly complicated, as building it depends on the specific version of nginx that is installed. -- gregory byshenk - gbyshenk at byshenk.net - Leiden, NL