Join the community today
Register Now

Nginx A straight forward tutorial to install test-cookie?

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by Oxide, Jun 25, 2015.

  1. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    11:13 AM
    Hi,

    Are there any straight-forward tutorial on how I can install example: kyprizel/testcookie-nginx-module · GitHub

    With centminmod?

    I got a big tutorial before, but i can't imagine all that is neccesary. I would assume "all i have to do" is to download the files, place it in specific location then add testcookie to the install.. then somehow reinstall nginx?
     
  2. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    11:13 AM
    Nginx 1.13.x
    MariaDB 5.5
    I posted an example of how to add nginx modules to Centmin Mod at centminmod.com/nginx_webdav.html for webdav prior to it becoming an official part of Centmin Mod's default module list. You can use that example to pretty much add or extend Nginx with additional modules.

    Only limitations are
    1. You need to know generally how to add Nginx modules and that is basically the same for any Nginx server not just Centmin Mod
    2. You also need to know the instructions for specific Nginx module
    3. You also need to know any prerequiste system dependencies and YUM packages that the Nginx module requires as I may not know what they are as I may have never used the Nginx module you want.
    4. I'm limited to what I can add to Centmin Mod by what I know and use usually and what I am comfortable with supporting. So that limits what officially I can add to Centmin Mod. But you are free to add whatever you need using above as a guide.
    For Centmin Mod Nginx, download tar.gz nginx modules to /svr-setup and extract and then editing inc/nginx_configure.inc just use the same --add-module=../nginx-module-name line.

    Posted a more recent example below. Actual Github commits for adding 3 new Centmin Mod Nginx modules, echo-nginx-module, set-misc-nginx-module and ngx_devel_kit are located below (you can use these changes and webdav example as a blue print for understanding how to extend and add your own Centmin Mod Nginx modules.

    Github commits for 3 new Nginx modules

    General Info on Adding New Nginx Modules



    There's 5 basic steps involve in adding a new Nginx module into Centmin Mod Nginx server for Centmin Mod .08 beta02 and higher. They involve editing 5 Centmin Mod files.
    1. centmin.sh - add VARIABLE name to define the nginx module's version number if there is one
    2. inc/downloadlinks.inc - add 2 VARIABLES to define the module download link and filename
    3. inc/downloads.inc - add download function to download the module using download link defined in inc/downloadlinks.inc and test the download validity i.e. untar it using filename defined in inc/downloadlinks.inc
    4. inc/nginx_configure.inc - add check variables to grab latest nginx module extracted directory and put it info directory variable to be called from Nginx ./configure options only if NGINX_OPENRESTY='y'
    5. inc/nginx_upgrade.inc - add to existing file check, the new module download file name (defined in inc/downloadlinks.inc). This ensures, when you run centmin.sh menu option 4 to upgrade Nginx, if the new nginx module download file doesn't exist in /svr-setup, it will download it and extract it before the Nginx compilation begins
     
  3. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    11:13 AM
    damn looks so hard :/ hope you can add test cookie option to nginx, this is very good for ddos protection layer -7 which is what most hosts have issues with.. also very easy to use

    also question, if i wanted to install only nginx with centminmod is this also possible? i dont want mariadb.. i want to use it as reverse proxy example..

    maybe someone here kind enough to help me out with a very very noob friendly tutorial "find, replace with" for test cookie too? ^^ im using latest stable
     
  4. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    11:13 AM
    i actually have mod 0.8 0.2 /usr/local/src/centminmod-123.08centos7beta02/inc

    so i can donate a few bucks if you can help me implanting test cookie to it xD
     
  5. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    11:13 AM
    Nginx 1.13.x
    MariaDB 5.5
    You're on your own, everything you need is laid out in my above initial reply for Centmin Mod and adding additional nginx modules. Try and test on a test VPS and not live server so doesn't matter if you fumble your way through until you nail it down :)
     
  6. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    11:13 AM
    the tutorial for beta doesnt explain what exactly to add and what line to add them, which is more what i need

    webadev one looks dedicated to webadev
     
  7. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    11:13 AM
    Code:
        if [ "$NGINX_OPENRESTY" == 'y' ]; then
            MEMCDIR=`ls -rt $DIR_TMP | grep openresty-memc-nginx-module | egrep -v 'gz|zip' | tail -1`
            SRCACHEDIR=`ls -rt $DIR_TMP | grep openresty-srcache-nginx-module | egrep -v 'gz|zip' | tail -1`
            SETMISCDIR=`ls -rt $DIR_TMP | grep set-misc-nginx-module | egrep -v 'gz|zip' | tail -1`
            DEVELKITDIR=`ls -rt $DIR_TMP | grep ngx_devel_kit | egrep -v 'gz|zip' | tail -1`
            ECHODIR=`ls -rt $DIR_TMP | grep echo-nginx-module | egrep -v 'gz|zip' | tail -1`
            MEMCOPT=" --add-module=../${MEMCDIR}"
            SRCCACHEOPT=" --add-module=../${SRCACHEDIR}"
            SETMISCOPT=" --add-module=../${SETMISCDIR}"
            DEVELKITOPT=" --add-module=../${DEVELKITDIR}"
            ECHOOPT=" --add-module=../${ECHODIR}"
            ECHOOPT=" --add-module=../testcookie-nginx"

    the path is located /svr-setup/testcookie-nginx

    http://i.imgur.com/9n2k7Ag.png

    then reinstall nginx, with what option ?
     
  8. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    11:13 AM
    Nginx 1.13.x
    MariaDB 5.5
    would need a separate variable other than ECHOOPT as you would override the existing echo nginx module's ECHOOPT variable or you can do away with separate variable and add it onto ECHOOPT existing variable
    Code:
    ECHOOPT=" --add-module=../${ECHODIR} --add-module=../testcookie-nginx"
    then recompile nginx via centmin.sh menu option 4 (always used for nginx upgrade/downgrade/recompiles).
     
  9. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    11:13 AM
    thats it, this easy?

    only add --add-module=../testcookie-nginx to echopt then done?

    im testing on live server since this is all i have xD
     
  10. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    11:13 AM
    Nginx 1.13.x
    MariaDB 5.5
    Depends on the nginx module and whether it has other dependent software or nginx modules that need installing so goes back to the above
    if you followed my above steps you would have additional functionality in defining a variable in centmin.sh to turn on/off the module, define a version number if needed, and setup download routine so you can auto update module version just when you run centmin.sh menu option 4
     
  11. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    11:13 AM
    tried to run it now, lets see
     
  12. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    11:13 AM
    i love you, thats all i have to say :DD

    it worked so easy ^_^
     
    • Like Like x 1
  13. RoldanLT

    RoldanLT Well-Known Member

    3,823
    929
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,257
    Local Time:
    9:13 AM
    1.11
    10.2
    And it protect your site from Layer 7 type of attack?
     
  14. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    11:13 AM
    indeed
     
  15. RoldanLT

    RoldanLT Well-Known Member

    3,823
    929
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,257
    Local Time:
    9:13 AM
    1.11
    10.2
    How can you confirm it works? Via log or ?
     
  16. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    11:13 AM
    By attacking my self.

    It's obvious.

    This will check wether the user that are accessing your web site can store cookie, if the user can not store cookie it's more than likely a botnet/attack on your web site / Layer-7.

    This will prevent the user from accessing the 'real' website aka. etc forum, or where it contains mysql queries that could be abused to such attack
     
  17. RoldanLT

    RoldanLT Well-Known Member

    3,823
    929
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,257
    Local Time:
    9:13 AM
    1.11
    10.2
    What about those good bots? google, bing bots?
     
  18. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    11:13 AM
    They can be white listed by IP's, also I would think they have ability to store cookies.
     
    • Like Like x 1
  19. RoldanLT

    RoldanLT Well-Known Member

    3,823
    929
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,257
    Local Time:
    9:13 AM
    1.11
    10.2
    • Download testcookie-nginx-module to /svr-setup
    Code:
    cd /svr-setup
    wget -c https://github.com/kyprizel/testcookie-nginx-module/zipball/master -O testcookie-nginx-module.zip
    unzip testcookie-nginx-module.zip
    mv kyprizel-testcookie-nginx-module* testcookie-nginx-module
    • Delete the original nginx_configure.inc file.
    And create a new one, with modification from original file here.
    Code:
    rm -rf /usr/local/src/centmin-v1.2.3mod/inc/nginx_configure.inc
    nano /usr/local/src/centmin-v1.2.3mod/inc/nginx_configure.inc
    
    Add this code 4 times.
    Code:
    --add-module=../testcookie-nginx-module
    Sample modified nginx_configure.inc

    • Then recompile Nginx via centmin menu option #4

    That's all :)
     
    Last edited: Jul 10, 2015
  20. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    11:13 AM
    thnx, i got it working but might be good for someone else that needs it

    i dont think people realize how much this helps, espewcially if layer-7 is your issue and your host handles layer-4