Results 1 to 9 of 9

Thread: ModSecurity and NGINX setup

  1. #1
    Join Date
    Dec 2018
    Posts
    3

    Question ModSecurity and NGINX setup

    Hello,

    We run NGINX (without Apache) and we want to install ModSecurity. After a while i receive an error: 'apr_xml_parser' has no member named 'xp'

    Code:
    ./build modsecurity
    Apache libraries not detected, file /usr/lib/apache/libaprutil-1.so is not found.
    Installing Apache libraries, needed for ModSecurity to work with nginx.
    
    
    til/include -I/usr/local/directadmin/custombuild/httpd-2.4.37/srclib/apr-util/include/private  -I/usr/local/directadmin/custombuild/httpd-2.4.37/srclib/apr/include    -o xml/apr_xml.lo -c xml/apr_xml.c && touch xml/apr_xml.lo
    xml/apr_xml.c:35:19: error: expat.h: No such file or directory
    xml/apr_xml.c:66: error: expected specifier-qualifier-list before 'XML_Parser'
    xml/apr_xml.c: In function 'cleanup_parser':
    xml/apr_xml.c:364: error: 'apr_xml_parser' has no member named 'xp'
    xml/apr_xml.c:365: error: 'apr_xml_parser' has no member named 'xp'
    xml/apr_xml.c: At top level:
    xml/apr_xml.c:384: error: expected ';', ',' or ')' before '*' token
    xml/apr_xml.c: In function 'apr_xml_parser_create':
    xml/apr_xml.c:401: error: 'apr_xml_parser' has no member named 'xp'
    xml/apr_xml.c:402: error: 'apr_xml_parser' has no member named 'xp'
    xml/apr_xml.c:410: error: 'apr_xml_parser' has no member named 'xp'
    xml/apr_xml.c:411: error: 'apr_xml_parser' has no member named 'xp'
    xml/apr_xml.c:412: error: 'apr_xml_parser' has no member named 'xp'
    xml/apr_xml.c:424: error: 'apr_xml_parser' has no member named 'xp'
    xml/apr_xml.c:424: error: 'default_handler' undeclared (first use in this function)
    xml/apr_xml.c:424: error: (Each undeclared identifier is reported only once
    xml/apr_xml.c:424: error: for each function it appears in.)
    xml/apr_xml.c: In function 'do_parse':
    xml/apr_xml.c:434: error: 'apr_xml_parser' has no member named 'xp'
    xml/apr_xml.c:438: error: 'apr_xml_parser' has no member named 'xp'
    xml/apr_xml.c:442: error: 'apr_xml_parser' has no member named 'xp_err'
    xml/apr_xml.c:442: error: 'apr_xml_parser' has no member named 'xp'
    xml/apr_xml.c: In function 'apr_xml_parser_geterror':
    xml/apr_xml.c:500: error: 'apr_xml_parser' has no member named 'xp_err'
    xml/apr_xml.c:500: error: 'apr_xml_parser' has no member named 'xp_err'
    make[3]: *** [xml/apr_xml.lo] Error 1
    make[3]: *** Waiting for unfinished jobs....
    make[3]: Leaving directory `/usr/local/directadmin/custombuild/httpd-2.4.37/srclib/apr-util'
    make[2]: *** [all-recursive] Error 1
    make[2]: Leaving directory `/usr/local/directadmin/custombuild/httpd-2.4.37/srclib/apr-util'
    make[1]: *** [all-recursive] Error 1
    make[1]: Leaving directory `/usr/local/directadmin/custombuild/httpd-2.4.37/srclib'
    make: *** [all-recursive] Error 1
    
    *** The make has failed, would you like to try to make again? (y,n):
    I checked if expat was installed but is running the latest version (Package expat-2.0.1-13.el6_8.x86_64 already installed and latest version)

    Do i missed something?

  2. #2
    Join Date
    Aug 2006
    Location
    LT, EU
    Posts
    7,750
    Are you sure you're running latest version of the custombuild script? May you let us know the result of "./build version" ?
    Martynas Bendorius
    MB Martynas IT. Professional server management company. Official DirectAdmin, CloudLinux, LiteSpeed and Comodo partners.

  3. #3
    Join Date
    Dec 2018
    Posts
    3
    Quote Originally Posted by smtalk View Post
    Are you sure you're running latest version of the custombuild script? May you let us know the result of "./build version" ?
    The output of ./build version is: 2.0.0 (rev: 1972)


    If i rerun ./build modsecurity i receive an other error:

    Code:
    cc1plus: error: unrecognized command line option "-std=c++11"
    cc1plus: error: unrecognized command line option "-std=c++11"
    make[3]: *** [libmodsecurity_la-anchored_set_variable.lo] Error 1
    make[3]: *** [libmodsecurity_la-modsecurity.lo] Error 1
    make[3]: Leaving directory `/usr/local/directadmin/custombuild/modsecurity-v3.0.3/src'
    make[2]: *** [all-recursive] Error 1
    make[2]: Leaving directory `/usr/local/directadmin/custombuild/modsecurity-v3.0.3/src'
    make[1]: *** [all] Error 2
    make[1]: Leaving directory `/usr/local/directadmin/custombuild/modsecurity-v3.0.3/src'
    make: *** [all-recursive] Error 1
    
    *** The make has failed, would you like to try to make again? (y,n):

  4. #4
    Join Date
    Dec 2018
    Posts
    3
    I noticed i had a old GCC version 4.4.7 under CentOs 6.10. I tried to compile it with 4.8.2 but i still receive an error:

    Code:
    /opt/rh/devtoolset-2/root/usr/libexec/gcc/x86_64-redhat-linux/4.8.2/ld: /usr/local/lib/libz.so.1: no version information available (required by /opt/rh/devtoolset-2/root/usr/lib64/libbfd-2.23.52.0.1-10.el6.so)
    /usr/local/modsecurity/lib/libmodsecurity.so: undefined reference to `pcre_free_study'
    collect2: error: ld returned 1 exit status
    make[1]: *** [objs/nginx] Error 1
    make[1]: Leaving directory `/usr/local/directadmin/custombuild/nginx-1.15.6'
    make: *** [build] Error 2
    
    *** The make has failed, would you like to try to make again? (y,n):

  5. #5
    Join Date
    Feb 2007
    Posts
    39
    Quote Originally Posted by DigiWorks View Post
    I noticed i had a old GCC version 4.4.7 under CentOs 6.10. I tried to compile it with 4.8.2 but i still receive an error:

    Code:
    /opt/rh/devtoolset-2/root/usr/libexec/gcc/x86_64-redhat-linux/4.8.2/ld: /usr/local/lib/libz.so.1: no version information available (required by /opt/rh/devtoolset-2/root/usr/lib64/libbfd-2.23.52.0.1-10.el6.so)
    /usr/local/modsecurity/lib/libmodsecurity.so: undefined reference to `pcre_free_study'
    collect2: error: ld returned 1 exit status
    make[1]: *** [objs/nginx] Error 1
    make[1]: Leaving directory `/usr/local/directadmin/custombuild/nginx-1.15.6'
    make: *** [build] Error 2
    
    *** The make has failed, would you like to try to make again? (y,n):
    Hello i confirm this problem.
    how to solve?
    Thailand Linux Web hosting and Domain name registration.
    IREALLYHOST.com

  6. #6
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    13,311
    Can be fixed soon after PCRE 8.43 (i.e. current) is installed.
    Directadmin installs PCRE 8.20 be default

    Code:
    cd /usr/local/directadmin/custombuild
    echo "pcre:8.43:e775489c9f024a92ca0f431301ef4c5c" >> custom_versions.txt
    ./build pcre

    Then build modsecurity and nginx.

    p.s. lixml2 and libxslt might need to be re-build too.


    https://help.directadmin.com/item.ph...0f431301ef4c5c
    Regards, Alex G.

    - Get the best commercial DirectAdmin support and hire me on poralix.com
    - Follow and like @Poralix on Facebook

  7. #7
    Join Date
    Feb 2007
    Posts
    39
    Hello zEitEr

    Thank your for your answer. it doesn't work

    libtool: compile: g++ -DHAVE_CONFIG_H -I. -std=c++11 -I.. -g -I../others -fPIC -O3 -I../headers -I/usr/local/include -DPCRE_HAVE_JIT -DWITH_MAXMIND -I/usr/local/include -I/usr/local/include/libxml2 -DWITH_LIBXML2 -g -O2 -MT libmodsecurity_la-modsecurity.lo -MD -MP -MF .deps/libmodsecurity_la-modsecurity.Tpo -c modsecurity.cc -fPIC -DPIC -o .libs/libmodsecurity_la-modsecurity.o
    cc1plus: error: unrecognized command line option "-std=c++11"
    cc1plus: error: unrecognized command line option "-std=c++11"
    make[3]: *** [libmodsecurity_la-transaction.lo] Error 1
    make[3]: *** [libmodsecurity_la-modsecurity.lo] Error 1
    libtool: compile: g++ -DHAVE_CONFIG_H -I. -std=c++11 -I.. -g -I../others -fPIC -O3 -I../headers -I/usr/local/include -DPCRE_HAVE_JIT -DWITH_MAXMIND -I/usr/local/include -I/usr/local/include/libxml2 -DWITH_LIBXML2 -g -O2 -MT libmodsecurity_la-rule.lo -MD -MP -MF .deps/libmodsecurity_la-rule.Tpo -c rule.cc -fPIC -DPIC -o .libs/libmodsecurity_la-rule.o
    cc1plus: error: unrecognized command line option "-std=c++11"
    make[3]: *** [libmodsecurity_la-rule.lo] Error 1
    make[3]: Leaving directory `/usr/local/directadmin/custombuild/modsecurity-v3.0.3/src'
    make[2]: *** [all-recursive] Error 1
    make[2]: Leaving directory `/usr/local/directadmin/custombuild/modsecurity-v3.0.3/src'
    make[1]: *** [all] Error 2
    make[1]: Leaving directory `/usr/local/directadmin/custombuild/modsecurity-v3.0.3/src'
    make: *** [all-recursive] Error 1

    *** The make has failed, would you like to try to make again? (y,n):
    Thailand Linux Web hosting and Domain name registration.
    IREALLYHOST.com

  8. #8
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    13,311
    The error cc1plus: error: unrecognized command line option "-std=c++11" happens due to an outdated gcc-c++ .
    And it compiles fine on CentOS 6 with

    - gcc-4.8.2-8.el6.x86_64
    - gcc-c++-4.8.2-8.el6.x86_64
    - libgcc-4.8.2-8.el6.x86_64

    on my end.
    Regards, Alex G.

    - Get the best commercial DirectAdmin support and hire me on poralix.com
    - Follow and like @Poralix on Facebook

  9. #9
    Join Date
    Feb 2007
    Posts
    39
    zEitEr , Thank you very much.


    ---- work and perfect
    cd /etc/yum.repos.d
    wget http://linuxsoft.cern.ch/cern/scl/slc6-scl.repo
    yum -y --nogpgcheck install devtoolset-3-gcc devtoolset-3-gcc-c++
    scl enable devtoolset-3 bash
    ref: https://github.com/ospray/ospray/wik...-on-CentOS-6.5



    ---- old method

    wget http://people.centos.org/tru/devtools-2/devtools-2.repo -O /etc/yum.repos.d/devtools-2.repo
    yum -y install devtoolset-2-gcc devtoolset-2-binutils
    yum -y install devtoolset-2-gcc-c++ devtoolset-2-gcc-gfortran

    export CC=/opt/rh/devtoolset-2/root/usr/bin/gcc
    export CPP=/opt/rh/devtoolset-2/root/usr/bin/cpp
    export CXX=/opt/rh/devtoolset-2/root/usr/bin/c++
    Last edited by mean; 04-30-2019 at 07:28 AM.
    Thailand Linux Web hosting and Domain name registration.
    IREALLYHOST.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •