modsecurity-docker
modsecurity-docker copied to clipboard
The official ModSecurity Docker images
The nginx container does not properly reflect the `REAL_IP_HEADER` in the `ERRORLOG` file within property `client_ip`. docker-compose.yml ```yml environment: SET_REAL_IP_FROM: "0.0.0.0/0" REAL_IP_HEADER: "X-Forwarded-For" REAL_IP_RECURSIVE: "on" ``` waf.log (ERRORLOG) ```yml [...]...
We currently use a custom log format named `perlogjson` for the performance log of Apache. This log format doesn't exist though. It was introduced in cfe220bf2cfdf3d0d85a912ca7cecf5ef8742e8f but without a format...
In https://github.com/coreruleset/modsecurity-docker/pull/126 we added support for setting the log format. This format is used for access log, error log and transfer log. It would be nice to have separate variables...
The ModSecurity `SecDisableBackendCompression` could not be configured in this docker image. This PR adds that option.
Per https://github.com/SpiderLabs/ModSecurity/pull/2719, we might want to add a new version based on pcre2 only. As compilation flags change, we need to see if this breaks something or not.
Signed-off-by: Felipe Zipitria Add upstream build for CRS docker.
Signed-off-by: Felipe Zipitria - this trick makes both ssdeep and pcre2 be found in other architectures - we need `AC_CANONICAL_HOST` earlier in the `configure.ac` file to use its defined the...
Check what is needed to sign images using cosign. References - https://github.com/sigstore/cosign-installer
Signed-off-by: Felipe Zipitria Adds health check to the `/healtz` endpoint configured in all containers. Fixes #136. Note: I did try adding variables to the different times, but docker doesn't like...