{"id":10109,"date":"2021-08-19T21:16:26","date_gmt":"2021-08-19T18:16:26","guid":{"rendered":"https:\/\/kifarunix.com\/?p=10109"},"modified":"2024-03-18T18:49:37","modified_gmt":"2024-03-18T15:49:37","slug":"install-modsecurity-with-nginx-on-rocky-linux-8","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/install-modsecurity-with-nginx-on-rocky-linux-8\/","title":{"rendered":"Install Modsecurity with Nginx on Rocky Linux 8"},"content":{"rendered":"\n

In this guide, we are going to learn how to Install Modsecurity with Nginx on Rocky Linux 8. LibMosecurity is the newest version of ModSecurity<\/a>. It is therefore known as ModSecurity version 3.<\/p>\n\n\n\n

Installing Modsecurity with Nginx on Rocky Linux 8<\/h2>\n\n\n\n

Run System Update<\/h3>\n\n\n\n

Begin by updating your system packages.<\/p>\n\n\n\n

dnf update<\/code><\/pre>\n\n\n\n
Install Required Build Tools and Dependencies<\/h3>\n\n\n\n
Both Nginx and LibModsecurity are going to be compiled from the source and thus a number of build tools and dependencies are required. Run the command below to install them.<\/p>\n\n\n\n
dnf install gcc-c++ flex bison yajl curl-devel curl zlib-devel pcre-devel autoconf automake git curl make libxml2-devel pkgconfig libtool httpd-devel redhat-rpm-config git wget openssl openssl-devel vim<\/code><\/pre>\n\n\n\n
dnf --enablerepo=powertools install doxygen yajl-devel -y<\/code><\/pre>\n\n\n\n
Install GeoIP Libraries<\/p>\n\n\n\n
dnf install epel-release https:\/\/rpms.remirepo.net\/enterprise\/remi-release-8.rpm -y<\/code><\/pre>\n\n\n\n
dnf --enablerepo=remi install GeoIP-devel -y<\/code><\/pre>\n\n\n\n
Download Modsecurity Source Code<\/h3>\n\n\n\n
Create a temporary directory to store the source tarballs.<\/p>\n\n\n\n
mkdir \/tmp\/modsec<\/code><\/pre>\n\n\n\n
Run the command below to  clone the latest LibModsecurity GitHub repository.<\/p>\n\n\n\n
cd \/tmp\/modsec<\/code><\/pre>\n\n\n\n
git clone --depth 1 -b v3\/master --single-branch https:\/\/github.com\/SpiderLabs\/ModSecurity<\/code><\/pre>\n\n\n\n
Compile and Install Modsecurity on Rocky Linux 8<\/h3>\n\n\n\n
Navigate to the Modsecurity source directory, configure, compile and install it<\/p>\n\n\n\n
cd ModSecurity<\/code><\/pre>\n\n\n\n
Download libInjection code which is available as part of ModSecurity source code in a format of a git-submodule<\/p>\n\n\n\n
git submodule init<\/code><\/pre>\n\n\n\n
git submodule update<\/code><\/pre>\n\n\n\n
Configure Modsecurity to adapt it to your system and check if any required dependency is missing.<\/p>\n\n\n\n
.\/build.sh<\/code><\/pre>\n\n\n\n
.\/configure<\/code><\/pre>\n\n\n\n
The fatal: No names found, cannot describe anything<\/strong> can be safely ignored.<\/p>\n\n\n\n
Fix any dependency issue just in case there is any before you can proceed.<\/p>\n\n\n\n
Compile and install ModSecurity.<\/p>\n\n\n\n
make<\/code><\/pre>\n\n\n\n
make install<\/code><\/pre>\n\n\n\n
Install Nginx with LibModsecurity Support<\/h3>\n\n\n\n
To setup Nginx with LibModsecurity, you need to compile Nginx with support for LibModsecurity.<\/p>\n\n\n\n
Therefore, download the ModSecurity-nginx connector which provides a communication channel between Nginx and LibModsecurity by cloning its git repository.<\/p>\n\n\n\n
cd \/tmp\/modsec\ngit clone https:\/\/github.com\/SpiderLabs\/ModSecurity-nginx.git<\/code><\/pre>\n\n\n\n
Next, download the latest staple version of Nginx from Nginx downloads<\/a>. The latest version as of this writing is version nginx-1.19.10.tar.gz<\/a>.<\/p>\n\n\n\n
wget http:\/\/nginx.org\/download\/nginx-1.19.10.tar.gz<\/code><\/pre>\n\n\n\n
Extract the archive.<\/p>\n\n\n\n
tar xzf nginx-1.19.10.tar.gz<\/code><\/pre>\n\n\n\n
Create a non-privileged Nginx system user and group.<\/p>\n\n\n\n
useradd -r -M -s \/sbin\/nologin -d \/usr\/local\/nginx nginx<\/code><\/pre>\n\n\n\n
Navigate to Nginx source directory and configure it.<\/p>\n\n\n\n
cd nginx-1.19.10<\/code><\/pre>\n\n\n\n
.\/configure --user=nginx --group=nginx --with-pcre-jit --with-debug --with-http_ssl_module --with-http_realip_module --add-module=\/tmp\/modsec\/ModSecurity-nginx<\/code><\/pre>\n\n\n\n
Configuration summary<\/p>\n\n\n\n
Configuration summary\n  + using system PCRE library\n  + using system OpenSSL library\n  + using system zlib library\n\n  nginx path prefix: \"\/usr\/local\/nginx\"\n  nginx binary file: \"\/usr\/local\/nginx\/sbin\/nginx\"\n  nginx modules path: \"\/usr\/local\/nginx\/modules\"\n  nginx configuration prefix: \"\/usr\/local\/nginx\/conf\"\n  nginx configuration file: \"\/usr\/local\/nginx\/conf\/nginx.conf\"\n  nginx pid file: \"\/usr\/local\/nginx\/logs\/nginx.pid\"\n  nginx error log file: \"\/usr\/local\/nginx\/logs\/error.log\"\n  nginx http access log file: \"\/usr\/local\/nginx\/logs\/access.log\"\n  nginx http client request body temporary files: \"client_body_temp\"\n  nginx http proxy temporary files: \"proxy_temp\"\n  nginx http fastcgi temporary files: \"fastcgi_temp\"\n  nginx http uwsgi temporary files: \"uwsgi_temp\"\n  nginx http scgi temporary files: \"scgi_temp\"\n<\/code><\/pre>\n\n\n\n
Compile and install Nginx on Rocky Linux 8.<\/p>\n\n\n\n
make\nmake install<\/code><\/pre>\n\n\n\n
Confgure Nginx with ModSecurity on Rocky Linux 8<\/h3>\n\n\n\n
To begin with, copy the sample ModSecurity configuration file on the source directory to Nginx configuration directory.<\/p>\n\n\n\n
cp \/tmp\/modsec\/ModSecurity\/modsecurity.conf-recommended \/usr\/local\/nginx\/conf\/modsecurity.conf<\/code><\/pre>\n\n\n\n
Copy the unicode.mapping<\/code> file from ModSecurity source directory to Nginx configuration directory.<\/p>\n\n\n\n
cp \/tmp\/modsec\/ModSecurity\/unicode.mapping \/usr\/local\/nginx\/conf\/<\/code><\/pre>\n\n\n\n
Next, edit Nginx configuration file and make the changes as shown below.<\/p>\n\n\n\n
Create a backup of the Nginx configuration file.<\/p>\n\n\n\n
cp \/usr\/local\/nginx\/conf\/nginx.conf{,.bak}<\/code><\/pre>\n\n\n\n
Open the configuration file for editing.<\/p>\n\n\n\n
vim \/usr\/local\/nginx\/conf\/nginx.conf<\/code><\/pre>\n\n\n\n
Configure Nginx such that your configuration may look like;<\/p>\n\n\n\n
user  nginx;\nworker_processes  1;\npid        \/run\/nginx.pid;\nevents {\n    worker_connections  1024;\n}\nhttp {\n    include       mime.types;\n    default_type  application\/octet-stream;\n    sendfile        on;\n    keepalive_timeout  65;\n    server {\n        listen       80;\n        server_name  nginx.kifarunix-demo.com;\n        modsecurity  on;\n        modsecurity_rules_file  \/usr\/local\/nginx\/conf\/modsecurity.conf<\/strong>;\n        access_log  \/var\/log\/nginx\/access_kifarunix-demo.log;\n        error_log  \/var\/log\/nginx\/error_kifarunix-demo.log;\n        location \/ {\n            root   html;\n            index  index.html index.htm;\n        }\n        error_page   500 502 503 504  \/50x.html;\n        location = \/50x.html {\n            root   html;\n        }\n    }\n}\n<\/code><\/pre>\n\n\n\n
Note that the line;<\/p>\n\n\n\n
modsecurity  on;\nmodsecurity_rules_file  \/usr\/local\/nginx\/conf\/modsecurity.conf;<\/strong><\/code><\/pre>\n\n\n\n
Turns on Modsecurity and specifies the location of the Modsecurity rules.<\/p>\n\n\n\n
Note that ModSecurity 3 can be turned on per directory basis.<\/p>\n\n\n\n
Create Nginx log directory.<\/p>\n\n\n\n
mkdir \/var\/log\/nginx<\/code><\/pre>\n\n\n\n
Create Nginx Systemd Service<\/h4>\n\n\n\n
To be able to run Nginx as a service, create a systemd service as shown below;<\/p>\n\n\n\n
cat > \/etc\/systemd\/system\/nginx.service << 'EOL'\n[Unit]\nDescription=The nginx HTTP and reverse proxy server\nAfter=network.target remote-fs.target nss-lookup.target\n\n[Service]\nType=forking\nPIDFile=\/run\/nginx.pid\nExecStartPre=\/usr\/bin\/rm -f \/run\/nginx.pid\nExecStartPre=\/usr\/sbin\/nginx -t\nExecStart=\/usr\/sbin\/nginx\nExecReload=\/bin\/kill -s HUP $MAINPID\nKillSignal=SIGQUIT\nTimeoutStopSec=5\nKillMode=mixed\nPrivateTmp=true\n\n[Install]\nWantedBy=multi-user.target\nEOL<\/code><\/pre>\n\n\n\n
Create a symbolic link of Nginx binary to \/usr\/sbin\/<\/code> path.<\/p>\n\n\n\n
ln -s \/usr\/local\/nginx\/sbin\/nginx \/usr\/sbin\/<\/code><\/pre>\n\n\n\n
Reload systemd configurations.<\/p>\n\n\n\n
systemctl daemon-reload<\/code><\/pre>\n\n\n\n
Run Nginx configuration syntax error verification.<\/p>\n\n\n\n
nginx -t<\/code><\/pre>\n\n\n\n
nginx: the configuration file \/usr\/local\/nginx\/conf\/nginx.conf syntax is ok\nnginx: configuration file \/usr\/local\/nginx\/conf\/nginx.conf test is successful<\/code><\/pre>\n\n\n\n
If all is well, start and enable Nginx to run on system boot.<\/p>\n\n\n\n
systemctl enable --now nginx<\/code><\/pre>\n\n\n\n
Check the status;<\/p>\n\n\n\n
systemctl status nginx<\/code><\/pre>\n\n\n\n
\u25cf nginx.service - The nginx HTTP and reverse proxy server\n   Loaded: loaded (\/etc\/systemd\/system\/nginx.service; disabled; vendor preset: disabled)\n   Active: active (running) since Thu 2021-08-19 20:46:33 EAT; 11s ago\n  Process: 31623 ExecStart=\/usr\/sbin\/nginx (code=exited, status=0\/SUCCESS)\n  Process: 31621 ExecStartPre=\/usr\/sbin\/nginx -t (code=exited, status=0\/SUCCESS)\n  Process: 31620 ExecStartPre=\/usr\/bin\/rm -f \/run\/nginx.pid (code=exited, status=0\/SUCCESS)\n Main PID: 31625 (nginx)\n    Tasks: 2 (limit: 4938)\n   Memory: 3.2M\n   CGroup: \/system.slice\/nginx.service\n           \u251c\u250031625 nginx: master process \/usr\/sbin\/nginx\n           \u2514\u250031626 nginx: worker process\n\nAug 19 20:46:33 rocky8 systemd[1]: Starting The nginx HTTP and reverse proxy server...\nAug 19 20:46:33 rocky8 nginx[31621]: nginx: the configuration file \/usr\/local\/nginx\/conf\/nginx.conf syntax is ok\nAug 19 20:46:33 rocky8 nginx[31621]: nginx: configuration file \/usr\/local\/nginx\/conf\/nginx.conf test is successful\nAug 19 20:46:33 rocky8 systemd[1]: nginx.service: Failed to parse PID from file \/run\/nginx.pid: Invalid argument\nAug 19 20:46:33 rocky8 systemd[1]: Started The nginx HTTP and reverse proxy server.\n<\/code><\/pre>\n\n\n\n
Turn on ModSecurity Rule Engine<\/h3>\n\n\n\n
By default, ModSecurity is set on detection only mode where it only logs the requests based on the triggered rules without blocking anything. This can be changed by setting the value of SecRuleEngine<\/code> to On<\/code>.<\/p>\n\n\n\n
sed -i 's\/SecRuleEngine DetectionOnly\/SecRuleEngine On\/' \/usr\/local\/nginx\/conf\/modsecurity.conf<\/code><\/pre>\n\n\n\n
You can also change default log directory for Modsecurity<\/p>\n\n\n\n
sed -i 's#\/var\/log\/modsec_audit.log#\/var\/log\/nginx\/modsec_audit.log#' \/usr\/local\/nginx\/conf\/modsecurity.conf<\/code><\/pre>\n\n\n\n
Install OWASP ModSecurity Core Rule Set (CRS)<\/h3>\n\n\n\n
The OWASP ModSecurity Core Rule Set (CRS)<\/strong> is a set of generic attack detection rules for use with ModSecurity. It aims at protecting the web applications from a wide range of attacks, including the OWASP Top Ten, minimum of false alerts.<\/p>\n\n\n\n
Clone the CRS from GitHub repository<\/a> to \/usr\/local\/nginx\/conf\/<\/code> as shown below;<\/p>\n\n\n\n
git clone https:\/\/github.com\/SpiderLabs\/owasp-modsecurity-crs.git \/usr\/local\/nginx\/conf\/owasp-crs<\/code><\/pre>\n\n\n\n
Next, rename crs-setup.conf.example<\/code> to crs-setup.conf<\/code>.<\/p>\n\n\n\n
sudo cp \/usr\/local\/nginx\/conf\/owasp-crs\/crs-setup.conf{.example,}<\/code><\/pre>\n\n\n\n
Once the OWASP rules are in place, configure ModSecurity to use these rules. You therefore need to enter the following lines on the ModSecurity configuration file to tell it where to find the rules.<\/p>\n\n\n\n
echo -e \"Include owasp-crs\/crs-setup.conf\\nInclude owasp-crs\/rules\/*.conf\" >> \/usr\/local\/nginx\/conf\/modsecurity.conf<\/code><\/pre>\n\n\n\n
This command will append the lines below on \/usr\/local\/nginx\/conf\/modsecurity.conf<\/code>.<\/p>\n\n\n\n
Include owasp-crs\/crs-setup.conf\nInclude owasp-crs\/rules\/*.conf<\/code><\/pre>\n\n\n\n
Verify Nginx configuration file again.<\/p>\n\n\n\n
nginx -t<\/code><\/pre>\n\n\n\n
Next, restart Nginx if everything is Okay.<\/p>\n\n\n\n
systemctl restart nginx<\/code><\/pre>\n\n\n\n
Testing ModSecurity on Nginx<\/h3>\n\n\n\n
Next, you can test the effectiveness of Modsecurity with OWASP rules, for example, using the command injection. Run the command below;<\/p>\n\n\n\n
curl localhost\/index.html?exec=\/bin\/bash<\/code><\/pre>\n\n\n\n
You should get 403 Forbidden<\/code><\/strong> if the rules are file.<\/p>\n\n\n\n
<html>\n<head><title>403 Forbidden<\/title><\/head>\n<body>\n<center><h1>403 Forbidden<\/h1><\/center>\n<hr><center>nginx\/1.19.10<\/center>\n<\/body>\n<\/html><\/code><\/pre>\n\n\n\n
Check the logs file.<\/p>\n\n\n\n
tail -100 \/var\/log\/nginx\/modsec_audit.log<\/code><\/pre>\n\n\n\n
---iQWU4H4y---A--\n[19\/Aug\/2021:20:48:26 +0300] 1629395306 127.0.0.1 37240 127.0.0.1 80\n---iQWU4H4y---B--\nGET \/index.html?exec=\/bin\/bash HTTP\/1.1\nHost: localhost\nUser-Agent: curl\/7.61.1\nAccept: *\/*\n\n---iQWU4H4y---D--\n\n---iQWU4H4y---E--\n<html>\\x0d\\x0a<head><title>403 Forbidden<\/title><\/head>\\x0d\\x0a<body>\\x0d\\x0a<center><h1>403 Forbidden<\/h1><\/center>\\x0d\\x0a<hr><center>nginx\/1.19.10<\/center>\\x0d\\x0a<\/body>\\x0d\\x0a<\/html>\\x0d\\x0a\n\n---iQWU4H4y---F--\nHTTP\/1.1 403\nServer: nginx\/1.19.10\nDate: Thu, 19 Aug 2021 17:48:26 GMT\nContent-Length: 154\nContent-Type: text\/html\nConnection: keep-alive\n\n---iQWU4H4y---H--\nModSecurity: Warning. Matched \"Operator `PmFromFile' with parameter `unix-shell.data' against variable `ARGS:exec' (Value: `\/bin\/bash' ) [file \"\/usr\/local\/nginx\/conf\/owasp-crs\/rules\/REQUEST-932-APPLICATION-ATTACK-RCE.conf\"]\n[line \"496\"] [id \"932160\"] [rev \"\"] [msg \"Remote Command Execution: Unix Shell Code Found\"] [data \"Matched Data: bin\/bash found within ARGS:exec: \/bin\/bash\"] [severity \"2\"] [ver \"OWASP_CRS\/3.2.0\"] [maturity \"0\"] [accuracy \"0\"] [tag \"application-multi\"] [tag \"language-shell\"]\n[tag \"platform-unix\"] [tag \"attack-rce\"] [tag \"paranoia-level\/1\"] [tag \"OWASP_CRS\"] [tag \"OWASP_CRS\/WEB_ATTACK\/COMMAND_INJECTION\"] [tag \"WASCTC\/WASC-31\"] [tag \"OWASP_TOP_10\/A1\"] [tag \"PCI\/6.5.2\"] [hostname \"127.0.0.1\"] [uri \"\/index.html\"] [unique_id \"1629395306\"] [ref \"o1,8v21,9t:urlDecodeUni,t:cmdLine,t:normalizePath,t:lowercase\"]\nModSecurity: Access denied with code 403 (phase 2). Matched \"Operator `Ge' with parameter `5' against variable `TX:ANOMALY_SCORE' (Value: `5' )\n[file \"\/usr\/local\/nginx\/conf\/owasp-crs\/rules\/REQUEST-949-BLOCKING-EVALUATION.conf\"] [line \"80\"] [id \"949110\"] [rev \"\"] [msg \"Inbound Anomaly Score Exceeded (Total Score: 5)\"]\n[data \"\"] [severity \"2\"] [ver \"OWASP_CRS\/3.2.0\"] [maturity \"0\"] [accuracy \"0\"] [tag \"application-multi\"] [tag \"language-multi\"] [tag \"platform-multi\"] [tag \"attack-generic\"] [hostname \"127.0.0.1\"] [uri \"\/index.html\"] [unique_id \"1629395306\"] [ref \"\"]\n\n---iQWU4H4y---I--\n\n---iQWU4H4y---J--\n\n---iQWU4H4y---Z--\n<\/code><\/pre>\n\n\n\n
Similarly, the logs are written to Nginx error logs file.<\/p>\n\n\n\n
You can also create your own test rules. For example, append the line below on your \/usr\/local\/nginx\/conf\/modsecurity.conf<\/code>.<\/p>\n\n\n\n
SecRule ARGS \"@streq test\" \"id:1,phase:1,deny,msg:\\'Mytest Rule\\'\"<\/code><\/pre>\n\n\n\n
Save the configuration file.<\/p>\n\n\n\n
You can also create your custom rules file and make sure it is included on the main ModSecurity configuration file.<\/p>\n\n\n\n
Restart Nginx.<\/p>\n\n\n\n
systemctl restart nginx<\/code><\/pre>\n\n\n\n
Test the rule.<\/p>\n\n\n\n
curl localhost\/index.html?a=test<\/code><\/pre>\n\n\n\n
<html>\n<head><title>403 Forbidden<\/title><\/head>\n<body>\n<center><h1>403 Forbidden<\/h1><\/center>\n<hr><center>nginx\/1.19.10<\/center>\n<\/body>\n<\/html><\/code><\/pre>\n\n\n\n
Check the log file;<\/p>\n\n\n\n
tail \/var\/log\/nginx\/error_kifarunix-demo.log<\/code><\/pre>\n\n\n\n
2021\/08\/19 20:48:26 [error] 31687#0: *1 [client 127.0.0.1] ModSecurity: Access denied with code 403 (phase 2). Matched \"Operator `Ge' with parameter `5' against variable `TX:ANOMALY_SCORE' (Value: `5' ) [file \"\/usr\/local\/nginx\/conf\/owasp-crs\/rules\/REQUEST-949-BLOCKING-EVALUATION.conf\"] [line \"80\"] [id \"949110\"] [rev \"\"] [msg \"Inbound Anomaly Score Exceeded (Total Score: 5)\"] [data \"\"] [severity \"2\"] [ver \"OWASP_CRS\/3.2.0\"] [maturity \"0\"] [accuracy \"0\"] [tag \"application-multi\"] [tag \"language-multi\"] [tag \"platform-multi\"] [tag \"attack-generic\"] [hostname \"127.0.0.1\"] [uri \"\/index.html\"] [unique_id \"1629395306\"] [ref \"\"], client: 127.0.0.1, server: nginx.kifarunix-demo.com, request: \"GET \/index.html?exec=\/bin\/bash HTTP\/1.1\", host: \"localhost\"\n2021\/08\/19 20:54:03 [error] 31765#0: *1 [client 127.0.0.1] ModSecurity: Access denied with code 403 (phase 1). Matched \"Operator `StrEq' with parameter `test' against variable `ARGS:a' (Value: `test' ) [file \"\/usr\/local\/nginx\/conf\/modsecurity.conf\"] [line \"261\"] [id \"1\"] [rev \"\"] [msg \"\\'Mytest Rule\\'\"] [data \"\"] [severity \"0\"] [ver \"\"] [maturity \"0\"] [accuracy \"0\"] [hostname \"127.0.0.1\"] [uri \"\/index.html\"] [unique_id \"1629395643\"] [ref \"v18,4\"], client: 127.0.0.1, server: nginx.kifarunix-demo.com, request: \"GET \/index.html?a=test HTTP\/1.1\", host: \"localhost\"<\/code><\/pre>\n\n\n\n
The ModSecurity is now running and protecting your web server.<\/p>\n\n\n\n
You can check our other guides on ModSecurity by following the links below;<\/p>\n\n\n\n
Process and Visualize ModSecurity Logs on ELK Stack<\/a><\/p>\n\n\n\n
Create Kibana Visualization Dashboards for ModSecurity Logs<\/a><\/p>\n\n\n\n
Restrict Access to WordPress Login Page to Specific IPs with libModSecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
In this guide, we are going to learn how to Install Modsecurity with Nginx on Rocky Linux 8. LibMosecurity is the newest version of ModSecurity. It<\/p>\n","protected":false},"author":3,"featured_media":10113,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[34,121,1207,304],"tags":[3973,1140,1141,229,3974],"class_list":["post-10109","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-howtos","category-modsecurity","category-nginx","tag-install-modsecurity-with-nginx-rocky-linux-8","tag-libmodsecurity","tag-modsecurity-3","tag-nginx","tag-rocky-linux-8-modsecurity-with-nginx","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","resize-featured-image"],"_links":{"self":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/10109"}],"collection":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/comments?post=10109"}],"version-history":[{"count":3,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/10109\/revisions"}],"predecessor-version":[{"id":21687,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/10109\/revisions\/21687"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media\/10113"}],"wp:attachment":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media?parent=10109"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/categories?post=10109"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/tags?post=10109"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}