Nginx + mod_security without a backend server

Asked May 05 '14 at 16:08

Active May 05 '14 at 16:08

Viewed 595 times

I want to start using mod_security for Nginx. However, I have read the official doc and something got my atention:

https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#installation-for-nginx

The example configuration is:

location / {
       ModSecurityEnabled on;
       ModSecurityConfig modsecurity.conf;
       proxy_pass http://localhost:8011;
       proxy_read_timeout 180s;
   }

And it explains:

This configures ModSecurity as an Nginx request handler. The updated request flow is now: request -> modsecurity handler -> backend You will need to modify the @backend definition to point to your correct back-end web application that Nginx is proxying to.

This assumes that Nginx is used as a proxy to a backend server. My question is, can mod_security & Nginx be used WITHOUT a backend server? For example, with PHP-FPM for PHP apps or Passenger for Ruby On Rails.

Thanks a lot, regards

asked May 05 '14 at 16:08

arg

PHP-FPM/Passenger is a backend server as far as nginx is concerned. – ceejayoz May 05 '14 at 16:14
I see. Can I point mod_security config to like this, then? proxy_pass unix:/var/run/php5-fpm.sock. Thanks! – arg May 05 '14 at 16:23

Nginx + mod_security without a backend server

0 Answers0