nginx/1.8.0+ ModSecurity 2.9 ERR_EMPTY_RESPONSE #928

Closed
@rz300

Hi, I got this problem after installing ModSec. Google Chrome says net::ERR_EMPTY_RESPONSE and several files didn't load, e.g. logo.png and font-awesome.ttf.

```
nginx version: nginx/1.8.0
built by gcc 4.9.2 (Debian 4.9.2-10)
built with OpenSSL 1.0.1k 8 Jan 2015
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-mail --with-mail_ssl_module --with-file-aio --with-http_spdy_module --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security' --with-ld-opt=-Wl,-z,relro --with-ipv6 --add-module=/home/anubis/ngx_pagespeed-release-1.9.32.6-beta --add-module=/home/anubis/downloads/modsecurity-2.9.0/nginx/modsecurity
```

ModSecurity debug.log: http://pastebin.com/Nfhjvk7T

Debian 8

```
Linux box-host.ru 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt11-1+deb8u3 (2015-08-04) x86_64 GNU/Linux
```

And I have an unusual nginx config, and I don't know where `ModSecurityEnabled on;` needs to be inserted:

```
server {
        server_name box-host.ru www.box-host.ru;
        charset UTF-8;
        disable_symlinks if_not_owner from=$root_path;
        index index.html index.php;
        root $root_path;
        set $root_path /dsk/sites/rz300/data/www/box-host.ru;
        access_log /dsk/sites/httpd-logs/box-host.ru.access.log;
        error_log /dsk/sites/httpd-logs/box-host.ru.error.log notice;
        include /etc/nginx/vhosts-includes/*.conf;
        location / {
                location ~ [^/]\.ph(p\d*|tml)$ {
                        try_files /does_not_exists @fallback;
                }
                location ~* ^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ {
                        try_files $uri $uri/ @fallback;
                }
                location / {
                        try_files /does_not_exists @fallback;
                }
        }
        location @fallback {
                ModSecurityEnabled on;
                ModSecurityConfig /etc/nginx/modsecurity/modsecurity.conf;
                proxy_pass http://127.0.0.1:8080;
                proxy_redirect http://127.0.0.1:8080 /;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                access_log off;
        }
        ssi on;
        add_header Strict-Transport-Security "max-age=31536000;";
        listen 92.63.104.78:443;
        ssl on;
        ssl_certificate "/var/www/httpd-cert/rz300/box-host.ru.crtca";
        ssl_certificate_key "/var/www/httpd-cert/rz300/box-host.ru.key";
        ssl_ciphers HIGH:!RC4:!aNULL:!eNULL:!MD5:!EXPORT:!EXP:!LOW:!SEED:!CAMELLIA:!IDEA:!PSK:!SRP:!SSLv2;
        ssl_prefer_server_ciphers on;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
```
