nginx Modsecurity Rules Dynamic Filter For Specific vhost

Skip to first unread message

Hadi Abbasi

May 13, 2019, 5:16:10 AM5/13/19
to openresty-en
Hey Guys...

I'm developing a proxy server by having some different vhosts using openresty!
I'm looking for a way to filter some specific modsecurity rules for each vhost,
but I think nginx can't support filtering modsec rules for each vhost!
because I've seen we can just add all of our rules inside nginx.conf,
and I think there isn't any command to filter and set some of these rules for specific vhosts!

in other words, if I set:

modsecurity on;
modsecurity_rules_file   my_rule_01
modsecurity_rules_file   my_rule_02
modsecurity_rules_file   my_rule_03

so it will apply all of these rules for all of proxy upstreams and if I want to apply just my_rule_02.conf to host number 10, there isn't any way to do that!

Am I Right?


May 13, 2019, 6:07:42 AM5/13/19
to Hadi Abbasi, openresty-en
you can try naxsi, which likely modsecurity, i know this module can apply rule in specific location。
You received this message because you are subscribed to the Google Groups "openresty-en" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
To view this discussion on the web visit
For more options, visit

Hadi Abbasi

May 13, 2019, 8:43:04 AM5/13/19
to openresty-en
Thanks a lot...I will try it...
but did you mean, nginx can't support filtering modsec rules for separated proxy hosts?
can I be sure not to use modsec in nginx and to use naxsi as Waf Layer for my requirements?
I wanna let the admins of customer hosts (in my proxy server) to select waf rules for their hosts, then my proxy api must check their hosts just on selected rules!
thanks a lot...
Reply all
Reply to author
0 new messages