Skip to content

nginx build requires apache, it shouldn't. #603

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jvanasco opened this issue Dec 2, 2013 · 6 comments
Closed

nginx build requires apache, it shouldn't. #603

jvanasco opened this issue Dec 2, 2013 · 6 comments
Labels
enhancement Platform - Nginx Platform - Standalone TBF by libmodsec

Comments

@jvanasco
Copy link

jvanasco commented Dec 2, 2013

it doesn't seem possible to build for nginx without installing apache - the configure script wants/needs to build the DSO with apache's APXS

it would be nice if this could be built without apache, or at least only using the apache source (without having to install apache). the most straightforward way of installing for nginx on an ubuntu machine requires installing the apache2-prefork-dev package, which in turn installs a bunch of unnecessary files and will compete with nginx for control of http services.
@ghost
Copy link

ghost commented Dec 29, 2013

I have tried to compile this with both --enable-standalone-module (per Nginx instructions) and --disable-apache2-module and get in error in the apache2/modsecurity.h file. Since the instructions I am following are for Nginx and Nginx does not require Apache, I would expect this to compile without the Apache module in the first case and certainly expect it to forego Apache in the with both options. No Apache2 components are installed on this server. All other libraries are present.

@rcbarnett-zz
Copy link
Contributor

ModSecurity relies upon Apache Runtime (APR) regardless of web server platform. The APR libs are needed in order to build the API wrapper to plug into non-Apache web servers.

@ghost
Copy link

ghost commented Dec 29, 2013

Thanks. I am looking for something Apache-independent. This does not appear to meet my needs. You may want to include the libraries required to install this Nginx with your instructions as this was not-at-all clear and would save others time and effort.

@zimmerle zimmerle mentioned this issue Jun 18, 2015
Closed
@ghost
Copy link

ghost commented Oct 22, 2015

What functionality does ModSecurity require from the APR that makes it require APR for nginx?

@zimmerle
Copy link
Contributor

Hi @skeyl,

ModSecurity for nginx depends on ModSecurity standalone library. ModSecurity standalone is just a wrapper to Apache internals. In other words: ModSecurity for nginx depends not only on APR but also Apache. All the memory management is made using APR pools.

We are currently working on the libModSecurity which is a version that does not depends on Apache or APR anymore. You can check more information here:

https://github.com/SpiderLabs/ModSecurity/tree/libmodsecurity/

There is also a "nginx connector" here:

https://github.com/SpiderLabs/ModSecurity-nginx

@omega8cc omega8cc mentioned this issue Aug 23, 2016
Open
@zimmerle
Copy link
Contributor

zimmerle commented May 9, 2017

Won't fix in 2.x. libmodsecurity no longer depends on apache or apr.

Further information available here - https://github.com/SpiderLabs/ModSecurity-nginx

@zimmerle zimmerle closed this as completed May 9, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Platform - Nginx Platform - Standalone TBF by libmodsec
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jvanasco @zimmerle @rcbarnett-zz