Public Repository

Last pushed: a year ago
Short Description
modsecurity+apache+php image for ifpr purposes.
Full Description

A image based on php:7-apache with modsecurity installed for IFPR purposes.

There are two volumes /etc/apache2/modsec-rules and /et/apache2/conf-modsec/

latest, v0.2, v0.1 is base on php:7-apache


USAGE EXAMPLE

  1. Download owasp rules for modsecurity
    $git clone https://github.com/spiderLabs/owasp-modsecurity-crs.git

  2. Change file modsecurity_crs_10_setup.conf.example to modsecurity_crs_10_setup.conf
    cp modsecurity_crs_10_setup.conf{.example,}

  3. Create modsec.conf

    <IfModule security2_module>
    Include modsec-rules/modsecurity_crs_10_setup.conf
    Include modsec-rules/base_rules/*.conf
    </IfModule>

  4. Run the container
    docker run -it -p 80:80 --name web -d -v /<path_to>/owasp-modsecurity-crs/:/etc/apache2/modsec-rules/ -v /<path_to>/modsec.conf:/etc/apache2/conf-modsec/modsec.conf ifpr/apache2

  5. If you access using browser and get Forbidden, it's working.

  6. To access the web page content using IP address, remove modsecurity_crs_21_protocol_anomalies.conf in base_rules directory.

Docker Pull Command
Owner
ifpr

Comments (0)