本次测试使用 Ubuntu 16.04
安装依赖包
$ apt install -y make gcc libssl-dev g++
安装LuaJIT
$ wget http://luajit.org/download/LuaJIT-2.0.5.tar.gz
$ tar -zxvf LuaJIT-2.0.5.tar.gz
$ cd LuaJIT-2.0.5
$ make
$ make install PREFIX=/usr/local/LuaJIT
$ export LUAJIT_LIB=/usr/local/LuaJIT/lib
$ export LUAJIT_INC=/usr/local/LuaJIT/include/luajit-2.0
$ mkdir /opt/download
$ cd /opt/download
$ wget https://github.com/simpl/ngx_devel_kit/archive/v0.3.0.tar.gz
$ wget https://github.com/openresty/lua-nginx-module/archive/v0.10.9rc7.tar.gz
$ tar -zxvf v0.3.0.tar.gz
$ tar -zxvf v0.10.9rc7.tar.gz
安装Nginx
$ wget https://ftp.pcre.org/pub/pcre/pcre-8.40.tar.gz
$ tar zxf pcre-8.40.tar.gz
$ wget https://www.openssl.org/source/openssl-1.0.2r.tar.gz
$ tar zxf openssl-1.0.2r.tar.gz
$ wget http://nginx.org/download/nginx-1.16.0.tar.gz
$ tar zxf nginx-1.16.0.tar.gz
$ cd nginx-1.16.0
$ ./configure \
--prefix=/usr/local/nginx \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_gzip_static_module \
--with-ipv6 \
--with-http_sub_module \
--with-openssl=/opt/download/openssl-1.0.2r \
--add-module=/opt/download/ngx_devel_kit-0.3.0 \
--add-module=/opt/download/lua-nginx-module-0.10.9rc7 \
--with-pcre=/opt/download/pcre-8.40
$ make && make install
加载lua库,加入到ld.so.conf文件
$ echo "/usr/local/LuaJIT/lib" >> /etc/ld.so.conf
$ ldconfig
搭建ngx_lua_waf构建web应用防火墙:
1、进入nginx的安装路径:cd /usr/local/nginx/conf
2、下载ngx_lua_waf :
$ git clone https://github.com/loveshell/ngx_lua_waf.git
3、将解压后的ngx_lua_waf文件夹重命名为waf
$ mv ngx_lua_waf/ waf
4、配置config.lua里的waf规则
$ vim /usr/local/nginx/conf/waf/config.lua
修改:RulePath = "/usr/local/nginx/conf/waf/wafconf/"(本机的安装目录)
5、在nginx_conf 的 http段添加
lua_package_path "/usr/local/nginx/conf/waf/?.lua";
lua_shared_dict limit 10m;
init_by_lua_file /usr/local/nginx/conf/waf/init.lua;
access_by_lua_file /usr/local/nginx/conf/waf/waf.lua;
6、启动nginx
$ /usr/local/nginx/sbin/nginx
作者:私念人生
来源:CSDN
原文:https://blog.csdn.net/qq_35999386/article/details/80564605
版权声明:本文为博主原创文章,转载请附上博文链接!
网友评论