digitaldemocratic/dd-sso/docker/waf-modsecurity/Dockerfile

# Install Modsecurity in a Docker container
FROM ubuntu:20.04 as production
ARG DEBIAN_FRONTEND=noninteractive

# update/upgrade your system
# Install Required Dependencies
RUN apt-get update && apt-get install -y \
	g++ flex bison curl apache2-dev \
	doxygen libyajl-dev ssdeep liblua5.2-dev \
	libgeoip-dev libtool dh-autoreconf \
	libcurl4-gnutls-dev libxml2 libpcre++-dev \
	libxml2-dev git wget tar apache2 \
    && rm -rf /var/lib/apt/lists/*

# Download LibModsecurity. Extract the Downloaded File. Compile and Install LibModsecurity
RUN wget https://github.com/SpiderLabs/ModSecurity/releases/download/v3.0.8/modsecurity-v3.0.8.tar.gz \
	&& tar xzf modsecurity-v3.0.8.tar.gz && rm -rf modsecurity-v3.0.8.tar.gz \
	&& cd modsecurity-v3.0.8 && \
	./build.sh && ./configure && \
	make && make install

# Install ModSecurity-Apache Connector
RUN cd ~ && git clone https://github.com/SpiderLabs/ModSecurity-apache \
	&& cd ~/ModSecurity-apache && \
	./autogen.sh && \
	./configure --with-libmodsecurity=/usr/local/modsecurity/ && \
	make && \
	make install

# logs should go to stdout / stderr
RUN set -ex \
	&& ln -sfT /dev/stderr /var/log/apache2/error.log \
	&& ln -sfT /dev/stdout /var/log/apache2/access.log \
	&& ln -sfT /dev/stdout /var/log/apache2/other_vhosts_access.log

# Load the Apache ModSecurity Connector Module
RUN echo "LoadModule security3_module /usr/lib/apache2/modules/mod_security3.so" >> /etc/apache2/apache2.conf

# Configure ModSecurity
RUN mkdir -p /etc/apache2/modsecurity.d/dd-rules && \
	cp modsecurity-v3.0.8/modsecurity.conf-recommended /etc/apache2/modsecurity.d/modsecurity.conf && \
	cp modsecurity-v3.0.8/unicode.mapping /etc/apache2/modsecurity.d/ && \
	sed -i 's/SecRuleEngine DetectionOnly/SecRuleEngine On/' /etc/apache2/modsecurity.d/modsecurity.conf

ADD modsec_rules.conf /etc/apache2/modsecurity.d/

# Install OWASP ModSecurity Core Rule Set (CRS) on Ubuntu
RUN git clone --depth=1 https://github.com/SpiderLabs/owasp-modsecurity-crs.git /etc/apache2/modsecurity.d/owasp-crs
ADD crs-setup.conf /etc/apache2/modsecurity.d/owasp-crs/crs-setup.conf

# Activate ModSecurity
RUN mv /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/000-default.conf.old
ADD 000-default.conf /etc/apache2/sites-available/
ADD rules_apps.conf /etc/apache2/modsecurity.d/owasp-crs/rules/000-dd-apps.conf

RUN a2enmod proxy_http

#EXPOSE 80
#USER www-data
#HEALTHCHECK --interval=5s --timeout=3s CMD curl --fail http://localhost || exit 1
# Set and run a custom entrypoint
COPY docker-entrypoint.sh /
RUN chmod 777 /docker-entrypoint.sh && chmod +x /docker-entrypoint.sh
ENTRYPOINT ["/docker-entrypoint.sh"]

# Testing ModSecurity
#curl http://<SERVER-IP/DOMAIN>/index.php?exec=/bin/bash
exclude rules 2022-11-10 00:28:20 +01:00			`# Install Modsecurity in a Docker container`
Initial config modsecurity 2022-10-25 13:48:10 +02:00			`FROM ubuntu:20.04 as production`
			`ARG DEBIAN_FRONTEND=noninteractive`

update readme 2022-11-15 11:07:30 +01:00			`# update/upgrade your system`
Initial config modsecurity 2022-10-25 13:48:10 +02:00			`# Install Required Dependencies`
update readme 2022-11-15 11:07:30 +01:00			`RUN apt-get update && apt-get install -y \`
			`g++ flex bison curl apache2-dev \`
Initial config modsecurity 2022-10-25 13:48:10 +02:00			`doxygen libyajl-dev ssdeep liblua5.2-dev \`
			`libgeoip-dev libtool dh-autoreconf \`
			`libcurl4-gnutls-dev libxml2 libpcre++-dev \`
update readme 2022-11-15 11:07:30 +01:00			`libxml2-dev git wget tar apache2 \`
			`&& rm -rf /var/lib/apt/lists/*`
Initial config modsecurity 2022-10-25 13:48:10 +02:00
update readme 2022-11-15 11:07:30 +01:00			`# Download LibModsecurity. Extract the Downloaded File. Compile and Install LibModsecurity`
			`RUN wget https://github.com/SpiderLabs/ModSecurity/releases/download/v3.0.8/modsecurity-v3.0.8.tar.gz \`
			`&& tar xzf modsecurity-v3.0.8.tar.gz && rm -rf modsecurity-v3.0.8.tar.gz \`
			`&& cd modsecurity-v3.0.8 && \`
Initial config modsecurity 2022-10-25 13:48:10 +02:00			`./build.sh && ./configure && \`
			`make && make install`

			`# Install ModSecurity-Apache Connector`
update readme 2022-11-15 11:07:30 +01:00			`RUN cd ~ && git clone https://github.com/SpiderLabs/ModSecurity-apache \`
			`&& cd ~/ModSecurity-apache && \`
Initial config modsecurity 2022-10-25 13:48:10 +02:00			`./autogen.sh && \`
			`./configure --with-libmodsecurity=/usr/local/modsecurity/ && \`
			`make && \`
			`make install`

exclude rules 2022-11-10 00:28:20 +01:00			`# logs should go to stdout / stderr`
			`RUN set -ex \`
			`&& ln -sfT /dev/stderr /var/log/apache2/error.log \`
			`&& ln -sfT /dev/stdout /var/log/apache2/access.log \`
			`&& ln -sfT /dev/stdout /var/log/apache2/other_vhosts_access.log`

Initial config modsecurity 2022-10-25 13:48:10 +02:00			`# Load the Apache ModSecurity Connector Module`
			`RUN echo "LoadModule security3_module /usr/lib/apache2/modules/mod_security3.so" >> /etc/apache2/apache2.conf`

			`# Configure ModSecurity`
exclude rules 2022-11-10 00:28:20 +01:00			`RUN mkdir -p /etc/apache2/modsecurity.d/dd-rules && \`
Initial config modsecurity 2022-10-25 13:48:10 +02:00			`cp modsecurity-v3.0.8/modsecurity.conf-recommended /etc/apache2/modsecurity.d/modsecurity.conf && \`
			`cp modsecurity-v3.0.8/unicode.mapping /etc/apache2/modsecurity.d/ && \`
			`sed -i 's/SecRuleEngine DetectionOnly/SecRuleEngine On/' /etc/apache2/modsecurity.d/modsecurity.conf`
update readme 2022-11-15 11:07:30 +01:00
Initial config modsecurity 2022-10-25 13:48:10 +02:00			`ADD modsec_rules.conf /etc/apache2/modsecurity.d/`

			`# Install OWASP ModSecurity Core Rule Set (CRS) on Ubuntu`
update readme 2022-11-15 11:07:30 +01:00			`RUN git clone --depth=1 https://github.com/SpiderLabs/owasp-modsecurity-crs.git /etc/apache2/modsecurity.d/owasp-crs`
exclude rules 2022-11-10 00:28:20 +01:00			`ADD crs-setup.conf /etc/apache2/modsecurity.d/owasp-crs/crs-setup.conf`
Initial config modsecurity 2022-10-25 13:48:10 +02:00
			`# Activate ModSecurity`
			`RUN mv /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/000-default.conf.old`
enable and disable modsecurity env_var 2022-11-22 23:05:54 +01:00			`ADD 000-default.conf /etc/apache2/sites-available/`
			`ADD rules_apps.conf /etc/apache2/modsecurity.d/owasp-crs/rules/000-dd-apps.conf`
Initial config modsecurity 2022-10-25 13:48:10 +02:00
			`RUN a2enmod proxy_http`

config vhost and dd rules modsecurity on volumen 2022-11-18 17:27:14 +01:00			`#EXPOSE 80`
			`#USER www-data`
			`#HEALTHCHECK --interval=5s --timeout=3s CMD curl --fail http://localhost \|\| exit 1`
enable and disable modsecurity env_var 2022-11-22 23:05:54 +01:00			`# Set and run a custom entrypoint`
			`COPY docker-entrypoint.sh /`
			`RUN chmod 777 /docker-entrypoint.sh && chmod +x /docker-entrypoint.sh`
			`ENTRYPOINT ["/docker-entrypoint.sh"]`
Initial config modsecurity 2022-10-25 13:48:10 +02:00
			`# Testing ModSecurity`
exclude rules 2022-11-10 00:28:20 +01:00			`#curl http://<SERVER-IP/DOMAIN>/index.php?exec=/bin/bash`