yum -y install pcre pcre-devel
wget https://openresty.org/download/openresty-1.9.15.1.tar.gz
tar -zxvf openresty-1.9.15.1.tar.gz 
cd openresty-1.9.15.1
./configure 
gmake && gmake install

在nginx.conf的http段添加
　　lua_package_path "/usr/local/openresty/nginx/conf/ngx_lua_waf/?.lua";
　　lua_shared_dict limit 10m;
　　init_by_lua_file /usr/local/openresty/nginx/conf/ngx_lua_waf/init.lua;
　　access_by_lua_file /usr/local/openresty/nginx/conf/ngx_lua_waf/waf.lua;

配置config.lua里的waf规则目录(一般在ngx_lua_waf/wafconf/目录下)
　　RulePath = "/usr/local/openresty/nginx/conf/ngx_lua_waf/wafconf"
　　attacklog = "on"
　　logdir = "/usr/local/nginx/logs/waf"

#将nginx.conf首行的”# user nobody;”的”#”注释去掉，重新启动nginx服务
user nobody
#将防护日志目录所属user和group修改为nobody，目录权限可设为700也可以写入
cd /usr/local/nginx/conf
chown -R nobay.nobady waf //chmod 700 waf