-
客服电话
-
APP下载
迪恩网络APP
随时随地掌握行业动态
-
官方微信
扫描二维码
关注迪恩网络微信公众号
客服电话
APP下载
迪恩网络APP
随时随地掌握行业动态
官方微信
扫描二维码
关注迪恩网络微信公众号
|
环境:Centos6.5 2.安装Luagit# cd /root/ # wget http://luajit.org/download/LuaJIT-2.1.0-beta3.tar.gz # tar -xvf LuaJIT-2.1.0-beta3.tar.gz # cd LuaJIT-2.1.0-beta3/ # make && make install # ln -sf luajit-2.1.0-beta3 /usr/local/bin/luajit 3.Github下载ngx_lua_wafcd /root/ 4.配置ngx_lua_waf,修改openresty配置文件# vim /usr/local/openresty/nginx/conf/nginx.conf ... user nobody; # 取消注释,或者指定用户,如 user root; ... http{ # 在http块下添加如下内 ... lua_package_path "/root/waf/?.lua"; lua_shared_dict limit 10m; init_by_lua_file /root/waf/init.lua; access_by_lua_file /root/waf/waf.lua; ... 5.新建waf的日志目录 cd /usr/local/openresty/nginx/logs
6.修改ngx_lua_waf配置 # cd /root/waf/ # ngx_lua_waf目录 # vim config.lua ... RulePath = "/root/waf/wafconf/" # 规则文件路径 attacklog = "on" # 启用日志 logdir = "/usr/local/openresty/nginx/logs/hack/" # 日志目录 ... 7.启动openresty # /usr/local/openresty/bin/openresty # 如果没有启动服务,则启动 # /usr/local/openresty/bin/openresty -s reload # 如果已经启动,则重载配置 # /usr/local/openresty/bin/openresty -t # 测试配置是否正常
启动时我遇到的问题: 1.错误原因是找不到lualib库和resty模块,默认到 具体操作: ln -s /usr/local/openresty/lualib /usr/local/lib/lua ln -s /usr/local/openresty/lualib/resty /root/waf/ 2. 访问openresty首页时,总是404,查看nginx的error.log日志发现,没权限访问: 2020/04/16 17:10:15 [error] 23775#0: *1 failed to load external Lua file "/root/waf/waf.lua": cannot open /root/waf/waf.lua: Permission denied 修改nginx.conf文件中的 user nobody 为具体用户 #user nobody; 继续访问首页: http://openresty的IP地址/?id=x.sql
部署成功!!!
|
请发表评论