hallo你好

# lua_waf防火墙的安装

# 下载ngx_devel_kit和lua-nginx-module

cd /usr/local/src

wget https://github.com/simpl/ngx_devel_kit/archive/v0.3.0.tar.gz

wget https://github.com/openresty/lua-nginx-module/archive/v0.10.9rc7.tar.gz

#解压缩分别复制到/usr/local/下
tar xvf v0.3.0.tar.gz

tar xvf v0.10.9rc7.tar.gz

# 下载luajit并安装

cd /usr/local/src

wget http://luajit.org/download/LuaJIT-2.0.4.tar.gz

tar -xvf LuaJIT-2.0.4.tar.gz

cd LuaJIT-2.0.4/

make && make install

# 设置环境变量

vi /etc/profile

export LUAJIT_LIB=/usr/local/lib
export LUAJIT_INC=/usr/local/include/luajit-2.0

# 重新编译安装nginx

# 查看以前编译的配置
nginx -V

./configure \
--user=www --group=www --prefix=/usr/local/nginx \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_gzip_static_module \
--with-ipv6 \
--with-http_sub_module \
--with-openssl=/usr/local/openssl-1.0.1t \
--with-ld-opt=-Ljemalloc \
--add-module=/usr/local/ngx_devel_kit \
--add-module=/usr/local/lua-nginx-module \
--with-ld-opt="-Wl,-rpath,$LUAJIT_LIB"


# add 新增内容
--add-module=/usr/local/ngx_devel_kit \
--add-module=/usr/local/lua-nginx-module \
--with-ld-opt="-Wl,-rpath,$LUAJIT_LIB"

make -j8 && make install 

service nginx restart

# 下载安装waf

cd /usr/local/nginx/conf

git clone git@gitee.com:yonghua4413/ngx_lua_waf.git

mv ngx_lua_waf waf

vi nginx.conf

#修改nginx的配置文件,在http段加入如下内容:

lua_package_path "/usr/local/nginx/conf/waf/?.lua";
lua_shared_dict limit 10m;
init_by_lua_file /usr/local/nginx/conf/waf/init.lua;
access_by_lua_file /usr/local/nginx/conf/waf/waf.lua;

# attck日志目录
mkdir -p /home/wwwlogs/attack
chmod -R 0777 /home/wwwlogs/attack

# 测试
service nginx configtest

# 重启nginx
service nginx restart

# 测试效果

get xxx.com/?id=../