Verified commit c41c1dbf, authored by tr

Describe more about rules

parent dac6d745
......@@ -12,7 +12,57 @@ Usage
```
$ docker run \
--volume modsecurity:/etc/modsecurity/rules/ \
--publish 80:80 \
--volume modsecurity-rules:/etc/modsecurity/rules/:ro \
--publish 8080:80 \
registry.code.immerda.ch/netlab/apps/nginx-modsecurity
```
Environment
-----------
* `TLS`: Enable TLS and listen on port :443 by default. Defaults to `0`.
* `BODY_SIZE`: Client max body size. Defaults to `10M`.
* `BACKEND`: Switch to reverse proxy mode and forward traffic to this back-end.
Rules
-----
```
# -- ModSecurity Set Base Configuration --------------------------------------
# Buffer request bodies of up to 512 MiB in length.
SecRequestBodyLimit 536870912
# Buffer response bodies of up to 512 MiB in length.
SecResponseBodyLimit 536870912
# -- ModSecurity Core Rule Set Base Configuration (ids: 900000-900999) -------
SecAction "id:900000,phase:1,pass,nolog,\
setvar:tx.paranoia_level=3"
SecAction \
"id:900130,\
phase:1,\
nolog,\
pass,\
t:none,\
setvar:tx.crs_exclusions_nextcloud=1"
# -- Service-specific before Core-Rules (ids: 10000-49999) -------------------
SecAction "id:80000,phase:5,nolog,pass,\
sanitiseArg:password,\
sanitiseArg:newpassword"
SecAction "id:80001,phase:5,nolog,pass,\
sanitiseRequestHeader:Authorization"
SecRule ARGS_NAMES password "id:80002,phase:5,nolog,pass,\
sanitiseMatched"
# Invalid character in request (outside of printable chars below ascii 127)
SecRule REQUEST_URI "@beginsWith /login" "phase:1,nolog,pass,id:10000,ctl:ruleRemoveById=920272;"
```
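Review bot: In the Rules example, the block headed "Service-specific before Core-Rules (ids: 10000-49999)" uses ids 80000, 80001 and 80002, which fall outside the range the heading documents; either renumber them into 10000-49999 or correct the range in the comment, so readers copying the example do not collide with whatever range 80000+ is meant for. In rule 10000, the action list ends with `ctl:ruleRemoveById=920272;`. Actions are comma-separated, so the trailing `;` looks like a typo and should be dropped. The comment above that rule describes what CRS rule 920272 checks, not what rule 10000 does; say explicitly that the check is being disabled for URIs beginning with /login, and why. `SecRule ARGS_NAMES password` has no explicit operator, so it is a regex match on any argument name containing "password"; that already covers `newpassword` from rule 80000, and a short comment on the intent would help. The example also sets `SecRequestBodyLimit 536870912` while the Environment section gives `BODY_SIZE` a default of `10M`; a sentence on how the two limits relate would avoid suggesting that 512 MiB buffering is a sensible default. Finally, the section has no prose at all: state which file under /etc/modsecurity/rules/ this content is expected in.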