Built on Cent 7.2.1511
autoconf – noarch – 2.69-11.el7 – base
automake – noarch – 1.13.4-3.el7 – base
libtool – x86_64 – 2.4.2-20.el7 – base
nasm – x86_64 – 2.10.07-7.el7 – base
Install dependencies:
yum install autoconf automake libtool make pcre-devel openssl-devel gcc-c++ pcre-devel zlib-devel libcurl-devel httpd-devel libxml2-devel GeoIP-devel php-pear yum install php-pecl-geoip libxslt-devel gd-devel
wget and untar:
mkdir /sen
cd /sen
wget http://senginx.org/download/senginx-1.6.2.tar.gz
tar xzf senginx-1.6.2.tar.gz
Build:
cd senginx-1.6.2
./se-configure.sh --with-modsecurity --with-http_geoip_module --sbin-path=/usr/sbin/senginx --conf-path=/etc/senginx/nginx.conf --pid-path=/var/run/senginx.pid --prefix=/etc/senginx --with-file-aio --with-ipv6 --with-http_ssl_module --with-http_spdy_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_sub_module --with-http_dav_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module --with-mail --with-mail_ssl_module --with-pcre --with-debug
make
make install
Copy unicode.mapping from source folder to senginx folder and delete source folder:
cp 3rd-party/ModSecurity/unicode.mapping /etc/senginx
rm -rf /sen
FIXTHIS – Some reason modsecurity conf goes to /usr/sbin/senginxconf so we need to:
mv /usr/sbin/senginxconf /etc/senginx/modsecurity.conf
Create service file:
vim /usr/lib/systemd/system/senginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/var/run/senginx.pid
Nginx will fail to start if /run/nginx.pid already exists but has the wrong
SELinux context. This might happen when running `nginx -t` from the cmdline.
https://bugzilla.redhat.com/show_bug.cgi?id=1268621
ExecStartPre=/usr/bin/rm -f /var/run/senginx.pid
ExecStartPre=/usr/sbin/senginx -t
ExecStart=/usr/sbin/senginx
ExecReload=/bin/kill -s HUP $MAINPID
KillMode=process
KillSignal=SIGQUIT
TimeoutStopSec=5
PrivateTmp=true
[Install]
WantedBy=multi-user.target