diff options
author | Stephen Wong <stephen.kf.wong@gmail.com> | 2018-09-05 05:03:24 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@opnfv.org> | 2018-09-05 05:03:25 +0000 |
commit | 05873b82e85d913838dc7aed9a21bc99a713a92d (patch) | |
tree | c459e76c659de259a2c04cf1dd34b9d57313a1fa /samples/services/modsecurity/docker/Dockerfile | |
parent | 420759bf152ce60da2152ec06c44f70f144d1d79 (diff) | |
parent | 09f09a34328079f04d372ff5fb7faf9e180cc7e4 (diff) |
Merge "Modsecurity as a service"
Diffstat (limited to 'samples/services/modsecurity/docker/Dockerfile')
-rw-r--r-- | samples/services/modsecurity/docker/Dockerfile | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/samples/services/modsecurity/docker/Dockerfile b/samples/services/modsecurity/docker/Dockerfile new file mode 100644 index 0000000..5a01f21 --- /dev/null +++ b/samples/services/modsecurity/docker/Dockerfile @@ -0,0 +1,37 @@ +FROM owasp/modsecurity:v2-ubuntu-apache
+MAINTAINER Jing Lu lvjing5@huawei.com
+
+ARG COMMIT=v3.1/dev
+ARG REPO=SpiderLabs/owasp-modsecurity-crs
+ENV PARANOIA=1
+
+RUN a2enmod rewrite
+
+RUN apt-get update && \
+ apt-get -y install python git ca-certificates iproute2 vim
+
+RUN cd /opt && \
+ git clone https://github.com/${REPO}.git owasp-modsecurity-crs-3.1 && \
+ cd owasp-modsecurity-crs-3.1 && \
+ git checkout -qf ${COMMIT}
+
+RUN cd /opt && \
+ cp -R /opt/owasp-modsecurity-crs-3.1/ /etc/apache2/modsecurity.d/owasp-crs/ && \
+ mv /etc/apache2/modsecurity.d/owasp-crs/crs-setup.conf.example /etc/apache2/modsecurity.d/owasp-crs/crs-setup.conf && \
+ cd /etc/apache2/modsecurity.d && \
+ printf "include modsecurity.d/owasp-crs/crs-setup.conf\ninclude modsecurity.d/owasp-crs/rules/*.conf" > include.conf && \
+ sed -i -e 's/SecRuleEngine DetectionOnly/SecRuleEngine On/g' /etc/apache2/modsecurity.d/modsecurity.conf && \
+ a2enmod proxy proxy_http
+
+COPY proxy.conf /etc/apache2/modsecurity.d/proxy.conf
+COPY docker-entrypoint.sh /
+
+RUN chmod 777 /docker-entrypoint.sh
+
+COPY .htaccess /var/www/html/.htaccess
+COPY apache2.conf /etc/apache2/apache2.conf
+
+EXPOSE 80
+
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["apachectl", "-D", "FOREGROUND"]
|