How to Install and Configure Nginx ModSecurity on CentOS 9 Stream

Nginx ModSecurity is a powerful web application firewall that helps protect your web server from various online threats and attacks. In this guide, we will walk you through the steps to install and configure Nginx ModSecurity on CentOS 9 Stream.


Before we begin, ensure that you have the following:

  • A CentOS 9 Stream server
  • SSH access to your server
  • Root or sudo privileges

Step 1: Update Your System

It's always a good practice to start by updating your system to the latest packages and security updates. Use the following command to update your CentOS 9 Stream server:

sudo dnf update

Step 2: Install Nginx

If Nginx is not already installed on your server, you can install it using the following command:

sudo dnf install nginx

Step 3: Install ModSecurity

To install ModSecurity for Nginx, you can use the following command:

sudo dnf install mod_security

Step 4: Configure Nginx with ModSecurity

Next, you need to configure Nginx to use ModSecurity. Edit the Nginx configuration file:

sudo nano /etc/nginx/nginx.conf

Inside the http block, add the following line to include the ModSecurity configuration:

include /etc/nginx/modsec/main.conf;

Save and exit the editor.

Step 5: Restart Nginx

After making changes to the configuration, restart Nginx to apply the new settings:

sudo systemctl restart nginx

Step 6: Test ModSecurity

You can now test ModSecurity by visiting your website and trying various security tests. Review the ModSecurity logs for any detected threats and adjust the configuration as needed.


Congratulations! You've successfully installed and configured Nginx ModSecurity on your CentOS 9 Stream server. Your web server is now better protected against online threats and attacks.

Remember to regularly monitor the ModSecurity logs and update your rule sets to ensure the security of your web applications.


Popular posts from this blog

Empat Pokok Kebijakan Pendidikan “Merdeka Belajar”

Download File Pdf