Verified Commit b80f575d authored by tr's avatar tr
Browse files

Copy an empty rules configuration

parent 774f8639
......@@ -95,6 +95,8 @@ RUN mkdir -p /var/log/{nginx,modsecurity} && \
ln -sf /dev/stdout /var/log/nginx/access.log && \
ln -sf /dev/stderr /var/log/nginx/error.log
COPY rules.conf /etc/modsecurity/rules/
VOLUME /etc/modsecurity/rules/
EXPOSE 80
......
# -- ModSecurity Set Base Configuration --------------------------------------
# Buffer request bodies of up to 10 MiB in length.
#SecRequestBodyLimit 10485760
# Buffer response bodies of up to 10 MiB in length.
#SecResponseBodyLimit 10485760
# -- ModSecurity Core Rule Set Base Configuration (ids: 900000-900999) -------
#SecAction "id:900000,phase:1,pass,nolog,\
# setvar:tx.paranoia_level=3"
#SecAction \
# "id:900110,\
# phase:1,\
# nolog,\
# pass,\
# t:none,\
# setvar:tx.inbound_anomaly_score_threshold=9999,\
# setvar:tx.outbound_anomaly_score_threshold=9999"
# -- Service-specific before Core-Rules (ids: 10000-49999) -------------------
#SecRule REQUEST_URI "@beginsWith /" \
# "phase:1,nolog,pass,id:10000,\
# ctl:ruleRemoveById="
server {
listen *:80 default;
listen [::]:80 default;
server_name _;
modsecurity on;
client_max_body_size 512M;
listen *:80 default;
listen [::]:80 default;
server_name _;
modsecurity on;
modsecurity_rules_file /etc/modsecurity/modsecurity.conf;
client_max_body_size 512M;
location / {
root /var/www;
modsecurity_rules_file /etc/modsecurity/modsecurity.conf;
root /var/www;
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment