Website protection with OPNsense

Installing OPNsense

OPNsense installation video (portuguese)

Plugin installation

os-nginx plugin installtion

Initial configuration

1. Upstream Server

click on add button
Upstream Server: Example configuration

2. Upstream

click on add button
Select the Upstream Server configured in the previous step

3. Download the NAXSI (WAF) rules

Click on Download button to fetch the NAXSI rules
You must accept the NAXSI repository licence to Download the rules
After download process, the rules will be shown

4. Location

Location Submenu
Click on add button

5. HTTP Server

Click on the add button
HTTP Server configured

6. OPNsense configuration adjusts

Change the Webgui HTTPS port and disable the HTTP Redirect rule (port 80)
Check Enable and click on Apply button
After applied the configuration, the service will become up and running

Conclusion

Julio Cesar Camargo (JCC)

Written by

Cyber security professional / open source and aviation enthusiast. CTO@Cloudfence — https://cloudfence.com.br

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade