ModSecurity and NGINX setup

DigiWorks

Verified User
Joined
Dec 19, 2018
Messages
6
Location
NL
Hello,

We run NGINX (without Apache) and we want to install ModSecurity. After a while i receive an error: 'apr_xml_parser' has no member named 'xp'

Code:
./build modsecurity
Apache libraries not detected, file /usr/lib/apache/libaprutil-1.so is not found.
Installing Apache libraries, needed for ModSecurity to work with nginx.


til/include -I/usr/local/directadmin/custombuild/httpd-2.4.37/srclib/apr-util/include/private  -I/usr/local/directadmin/custombuild/httpd-2.4.37/srclib/apr/include    -o xml/apr_xml.lo -c xml/apr_xml.c && touch xml/apr_xml.lo
xml/apr_xml.c:35:19: error: expat.h: No such file or directory
xml/apr_xml.c:66: error: expected specifier-qualifier-list before 'XML_Parser'
xml/apr_xml.c: In function 'cleanup_parser':
xml/apr_xml.c:364: error: 'apr_xml_parser' has no member named 'xp'
xml/apr_xml.c:365: error: 'apr_xml_parser' has no member named 'xp'
xml/apr_xml.c: At top level:
xml/apr_xml.c:384: error: expected ';', ',' or ')' before '*' token
xml/apr_xml.c: In function 'apr_xml_parser_create':
xml/apr_xml.c:401: error: 'apr_xml_parser' has no member named 'xp'
xml/apr_xml.c:402: error: 'apr_xml_parser' has no member named 'xp'
xml/apr_xml.c:410: error: 'apr_xml_parser' has no member named 'xp'
xml/apr_xml.c:411: error: 'apr_xml_parser' has no member named 'xp'
xml/apr_xml.c:412: error: 'apr_xml_parser' has no member named 'xp'
xml/apr_xml.c:424: error: 'apr_xml_parser' has no member named 'xp'
xml/apr_xml.c:424: error: 'default_handler' undeclared (first use in this function)
xml/apr_xml.c:424: error: (Each undeclared identifier is reported only once
xml/apr_xml.c:424: error: for each function it appears in.)
xml/apr_xml.c: In function 'do_parse':
xml/apr_xml.c:434: error: 'apr_xml_parser' has no member named 'xp'
xml/apr_xml.c:438: error: 'apr_xml_parser' has no member named 'xp'
xml/apr_xml.c:442: error: 'apr_xml_parser' has no member named 'xp_err'
xml/apr_xml.c:442: error: 'apr_xml_parser' has no member named 'xp'
xml/apr_xml.c: In function 'apr_xml_parser_geterror':
xml/apr_xml.c:500: error: 'apr_xml_parser' has no member named 'xp_err'
xml/apr_xml.c:500: error: 'apr_xml_parser' has no member named 'xp_err'
make[3]: *** [xml/apr_xml.lo] Error 1
make[3]: *** Waiting for unfinished jobs....
make[3]: Leaving directory `/usr/local/directadmin/custombuild/httpd-2.4.37/srclib/apr-util'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/usr/local/directadmin/custombuild/httpd-2.4.37/srclib/apr-util'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/local/directadmin/custombuild/httpd-2.4.37/srclib'
make: *** [all-recursive] Error 1

*** The make has failed, would you like to try to make again? (y,n):
I checked if expat was installed but is running the latest version (Package expat-2.0.1-13.el6_8.x86_64 already installed and latest version)

Do i missed something?
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,792
Location
LT, EU
Are you sure you're running latest version of the custombuild script? May you let us know the result of "./build version" ?
 

DigiWorks

Verified User
Joined
Dec 19, 2018
Messages
6
Location
NL
Are you sure you're running latest version of the custombuild script? May you let us know the result of "./build version" ?
The output of ./build version is: 2.0.0 (rev: 1972)


If i rerun ./build modsecurity i receive an other error:

Code:
cc1plus: error: unrecognized command line option "-std=c++11"
cc1plus: error: unrecognized command line option "-std=c++11"
make[3]: *** [libmodsecurity_la-anchored_set_variable.lo] Error 1
make[3]: *** [libmodsecurity_la-modsecurity.lo] Error 1
make[3]: Leaving directory `/usr/local/directadmin/custombuild/modsecurity-v3.0.3/src'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/usr/local/directadmin/custombuild/modsecurity-v3.0.3/src'
make[1]: *** [all] Error 2
make[1]: Leaving directory `/usr/local/directadmin/custombuild/modsecurity-v3.0.3/src'
make: *** [all-recursive] Error 1

*** The make has failed, would you like to try to make again? (y,n):
 

DigiWorks

Verified User
Joined
Dec 19, 2018
Messages
6
Location
NL
I noticed i had a old GCC version 4.4.7 under CentOs 6.10. I tried to compile it with 4.8.2 but i still receive an error:

Code:
/opt/rh/devtoolset-2/root/usr/libexec/gcc/x86_64-redhat-linux/4.8.2/ld: /usr/local/lib/libz.so.1: no version information available (required by /opt/rh/devtoolset-2/root/usr/lib64/libbfd-2.23.52.0.1-10.el6.so)
/usr/local/modsecurity/lib/libmodsecurity.so: undefined reference to `pcre_free_study'
collect2: error: ld returned 1 exit status
make[1]: *** [objs/nginx] Error 1
make[1]: Leaving directory `/usr/local/directadmin/custombuild/nginx-1.15.6'
make: *** [build] Error 2

*** The make has failed, would you like to try to make again? (y,n):
 

mean

Verified User
Joined
Feb 14, 2007
Messages
41
I noticed i had a old GCC version 4.4.7 under CentOs 6.10. I tried to compile it with 4.8.2 but i still receive an error:

Code:
/opt/rh/devtoolset-2/root/usr/libexec/gcc/x86_64-redhat-linux/4.8.2/ld: /usr/local/lib/libz.so.1: no version information available (required by /opt/rh/devtoolset-2/root/usr/lib64/libbfd-2.23.52.0.1-10.el6.so)
/usr/local/modsecurity/lib/libmodsecurity.so: undefined reference to `pcre_free_study'
collect2: error: ld returned 1 exit status
make[1]: *** [objs/nginx] Error 1
make[1]: Leaving directory `/usr/local/directadmin/custombuild/nginx-1.15.6'
make: *** [build] Error 2

*** The make has failed, would you like to try to make again? (y,n):
Hello i confirm this problem.
how to solve?
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,164
Location
GMT +7.00

mean

Verified User
Joined
Feb 14, 2007
Messages
41
Hello zEitEr

Thank your for your answer. it doesn't work

libtool: compile: g++ -DHAVE_CONFIG_H -I. -std=c++11 -I.. -g -I../others -fPIC -O3 -I../headers -I/usr/local/include -DPCRE_HAVE_JIT -DWITH_MAXMIND -I/usr/local/include -I/usr/local/include/libxml2 -DWITH_LIBXML2 -g -O2 -MT libmodsecurity_la-modsecurity.lo -MD -MP -MF .deps/libmodsecurity_la-modsecurity.Tpo -c modsecurity.cc -fPIC -DPIC -o .libs/libmodsecurity_la-modsecurity.o
cc1plus: error: unrecognized command line option "-std=c++11"
cc1plus: error: unrecognized command line option "-std=c++11"
make[3]: *** [libmodsecurity_la-transaction.lo] Error 1
make[3]: *** [libmodsecurity_la-modsecurity.lo] Error 1
libtool: compile: g++ -DHAVE_CONFIG_H -I. -std=c++11 -I.. -g -I../others -fPIC -O3 -I../headers -I/usr/local/include -DPCRE_HAVE_JIT -DWITH_MAXMIND -I/usr/local/include -I/usr/local/include/libxml2 -DWITH_LIBXML2 -g -O2 -MT libmodsecurity_la-rule.lo -MD -MP -MF .deps/libmodsecurity_la-rule.Tpo -c rule.cc -fPIC -DPIC -o .libs/libmodsecurity_la-rule.o
cc1plus: error: unrecognized command line option "-std=c++11"
make[3]: *** [libmodsecurity_la-rule.lo] Error 1
make[3]: Leaving directory `/usr/local/directadmin/custombuild/modsecurity-v3.0.3/src'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/usr/local/directadmin/custombuild/modsecurity-v3.0.3/src'
make[1]: *** [all] Error 2
make[1]: Leaving directory `/usr/local/directadmin/custombuild/modsecurity-v3.0.3/src'
make: *** [all-recursive] Error 1

*** The make has failed, would you like to try to make again? (y,n):
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,164
Location
GMT +7.00
The error cc1plus: error: unrecognized command line option "-std=c++11" happens due to an outdated gcc-c++ .
And it compiles fine on CentOS 6 with

- gcc-4.8.2-8.el6.x86_64
- gcc-c++-4.8.2-8.el6.x86_64
- libgcc-4.8.2-8.el6.x86_64

on my end.
 

mean

Verified User
Joined
Feb 14, 2007
Messages
41
zEitEr , Thank you very much.


---- work and perfect
cd /etc/yum.repos.d
wget http://linuxsoft.cern.ch/cern/scl/slc6-scl.repo
yum -y --nogpgcheck install devtoolset-3-gcc devtoolset-3-gcc-c++
scl enable devtoolset-3 bash
ref: https://github.com/ospray/ospray/wiki/Installing-(CPP11-enabled)-GCC4.9.1-on-CentOS-6.5



---- old method

wget http://people.centos.org/tru/devtools-2/devtools-2.repo -O /etc/yum.repos.d/devtools-2.repo
yum -y install devtoolset-2-gcc devtoolset-2-binutils
yum -y install devtoolset-2-gcc-c++ devtoolset-2-gcc-gfortran

export CC=/opt/rh/devtoolset-2/root/usr/bin/gcc
export CPP=/opt/rh/devtoolset-2/root/usr/bin/cpp
export CXX=/opt/rh/devtoolset-2/root/usr/bin/c++
 
Last edited:
Top