Because nginx version of modsecurity3-nginx port is 1.22 and not always compilation successful, it is possible to compile modsecurity from source.
Compiled modsecurity can be safely included in nginx from ports.
Everything (nginx and modsecurity3-nginx) can be compiled by running compile-nginx.sh :
compile-modsecurity.sh :
#!/bin/sh
#libModSecurityrm -rf ModSecuritygit clone --depth 1 -b v3/master --single-branch https://github.com/SpiderLabs/ModSecuritycd ModSecuritygit pullgit submodule initgit submodule update./build.sh./configuregmake -j4cd ..#nginx connectorrm -rf Modsecurity-nginxgit clone --depth 1 https://github.com/SpiderLabs/ModSecurity-nginx.gitcd Modsecurity-nginxgit pullcd ..
compile-nginx.sh:
#!/bin/sh
ver="1.28.0"
if [ ! -f nginx-${ver}.tar.gz ]; thenwget http://nginx.org/download/nginx-${ver}.tar.gzfirm -rf nginx-${ver}if [ ! -d nginx-${ver} ]; thentar xvf nginx-${ver}.tar.gzfi./compile-modsecurity.shcd nginx-${ver}./configure \--prefix=/usr/local/nginx \--pid-path=/var/run/nginx.pid \--with-cc-opt='-DNGX_HAVE_INET6=0 -I /usr/local/include' \--with-ld-opt='-L /usr/local/lib' \--user=www \--group=www \--with-file-aio \--with-google_perftools_module \--with-http_v2_module \--with-http_addition_module \--with-http_auth_request_module \--with-http_dav_module \--with-http_flv_module \--with-http_gunzip_module \--with-http_gzip_static_module \--with-http_mp4_module \--with-http_random_index_module \--with-http_realip_module \--with-pcre \--with-http_secure_link_module \--with-http_slice_module \--with-http_ssl_module \--with-http_stub_status_module \--with-http_sub_module \--without-mail_imap_module \--without-mail_pop3_module \--without-mail_smtp_module \--with-stream_ssl_module \--with-stream_ssl_preread_module \--with-threads \--with-stream=dynamic \--with-http_v3_module \--add-dynamic-module=../ModSecurity-nginxmake -j4if [ $? -eq 0 ]then echo "Complilation successful"elseecho "Compilation failed"exit 1fi
make install