Nginx Configuration Auto-Generator Tool

Frequently Asked Questions

mod_security Installation Instructions

# mod_security Installation and Configuration Instructions

## Ubuntu/Debian Installation Steps

1. Update system and install dependencies:
sudo apt update && sudo apt upgrade -y
sudo apt install -y libapache2-mod-security2

2. Enable the module:
sudo a2enmod security2
sudo systemctl restart apache2

3. For Nginx, you need to compile with the module or use third-party packages:
# Add third-party repository
sudo add-apt-repository ppa:ondrej/nginx
sudo apt update
sudo apt install nginx-module-modsecurity

4. Configure mod_security:
sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
sudo nano /etc/modsecurity/modsecurity.conf
# Change SecRuleEngine DetectionOnly to SecRuleEngine On

5. Download OWASP rule set:
sudo apt install -y git
sudo git clone https://github.com/coreruleset/coreruleset /etc/modsecurity/coreruleset
sudo cp /etc/modsecurity/coreruleset/crs-setup.conf.example /etc/modsecurity/coreruleset/crs-setup.conf
sudo ln -s /etc/modsecurity/coreruleset/rules/ /etc/modsecurity/activated_rules

6. Configure Nginx to load the module:
sudo nano /etc/nginx/nginx.conf
# Add at the top
load_module modules/ngx_http_modsecurity_module.so;

7. Restart Nginx:
sudo systemctl restart nginx

## CentOS/RHEL Installation Steps

1. Install EPEL repository:
sudo yum install -y epel-release
sudo yum update -y

2. Install mod_security:
sudo yum install -y mod_security

3. Follow similar configuration steps as Ubuntu:
# Configure rule sets
# Enable module
# Restart service

## Verify Installation

Check if mod_security is working properly:
sudo grep -i modsecurity /var/log/nginx/error.log

If you see something like "ModSecurity for nginx (STABLE)", the installation was successful.

Certbot Installation and Usage Instructions

# Certbot Installation and Usage Instructions

## Ubuntu/Debian Installation

1. Update system and install Certbot:
   sudo apt update
   sudo apt install -y certbot python3-certbot-nginx

## CentOS/RHEL Installation

1. Install EPEL repository:
   sudo yum install -y epel-release

2. Install Certbot:
   sudo yum install -y certbot python3-certbot-nginx

## Using Certbot to Obtain SSL Certificates

1. Basic usage (auto-configures Nginx):
   sudo certbot --nginx -d example.com -d www.example.com

2. Obtain certificate only, without auto-configuration:
   sudo certbot certonly --nginx -d example.com -d www.example.com

3. Renew certificates:
   # Test renewal
   sudo certbot renew --dry-run
   
   # Actual renewal
   sudo certbot renew

4. Set up automatic renewal:
   # Certbot usually sets up a cron job automatically
   # You can check it with:
   sudo systemctl list-timers | grep certbot

## Certificate File Locations

Obtained certificates are usually stored in:
- Certificate: /etc/letsencrypt/live/example.com/fullchain.pem
- Private key: /etc/letsencrypt/live/example.com/privkey.pem

You can use these paths when configuring HTTPS in this tool.

## Common Troubleshooting

1. If Nginx isn't running, you may need to start it first:
   sudo systemctl start nginx

2. Firewall issues:
   sudo ufw allow 80
   sudo ufw allow 443

3. Reconfigure certificates:
   sudo certbot --nginx renew --force-renewal

Nginx Configuration Auto-Generator Tool

Configuration Options

Frequently Asked Questions

Configuration Result

No configuration generated yet