1

I have installed nginx and modsec roughly following this tutorial https://www.linuxcapable.com/how-to-install-modsecurity-with-nginx-on-ubuntu-20-04/.

After a couple of months working perfectly I am now getting this error:

nginx: [emerg] module "/usr/share/nginx/modules/ngx_http_modsecurity_module.so" version 1021004 instead of 1021006 in /etc/nginx/nginx.conf:5
nginx: configuration file /etc/nginx/nginx.conf test failed

I haven't rebuilt the nginx connector module yet, but I expect this is the problem and once I have rebuilt and installed the module, nginx will restart again without a problem. UPDATE: Rebuilt the module and all is working well.

So my question is: How to manage this situation on a production server?. What I mean is when the system updates & upgrades, at some point nginx version will be ahead of the nginx modsec connector module version and the server will not reload....and therefore the server will stop working (as happened just now).

andygozindy
  • 31
  • 4

1 Answers1

1

My best solution to this problem (if you are using Ubuntu or Debian) is to make an exception in unattended-upgrades for nginx so that it doesn't automatically upgrade. Regularly check to see if there are any updates to nginx and if there is then rebuild the connector before installing nginx updates.......that's the best I can offer. No-one else answered, so this is the accepted answer ;-)

andygozindy
  • 31
  • 4