← Back to team overview

wordpress-charmers team mailing list archive

  1. wordpress-charmers team
  2. Mailing list archive
  3. Message #00805

[Merge] ~sajoupa/charm-k8s-wordpress:modsecurity into charm-k8s-wordpress:master

  Thread PreviousDate PreviousThread Next 
Laurent Sesquès has proposed merging ~sajoupa/charm-k8s-wordpress:modsecurity into charm-k8s-wordpress:master.

Requested reviews:
  Wordpress Charmers (wordpress-charmers)

For more details, see:
https://code.launchpad.net/~sajoupa/charm-k8s-wordpress/+git/charm-k8s-wordpress/+merge/414357
-- 
Your team Wordpress Charmers is requested to review the proposed merge of ~sajoupa/charm-k8s-wordpress:modsecurity into charm-k8s-wordpress:master.

diff --git a/Dockerfile b/Dockerfile
index a338c56..5112834 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -25,6 +25,7 @@ RUN apt-get update && apt-get -y dist-upgrade \
             git \
             libapache2-mod-php \
             libgmp-dev \
+            modsecurity-crs \
             php \
             php-curl \
             php-gd \
@@ -44,7 +45,9 @@ RUN apt-get update && apt-get -y dist-upgrade \
         && ln -sfT /dev/stderr "$APACHE_LOG_DIR/error.log" \
         && ln -sfT /dev/stdout "$APACHE_LOG_DIR/access.log" \
         && ln -sfT /dev/stdout "$APACHE_LOG_DIR/other_vhosts_access.log" \
-        && chown -R --no-dereference "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$APACHE_LOG_DIR"
+        && chown -R --no-dereference "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$APACHE_LOG_DIR" \
+        && cp -p /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf \
+        && sed -i -e 's/^SecRuleEngine DetectionOnly/SecRuleEngine On/' /etc/modsecurity/modsecurity.conf
 
 # Configure PHP and apache2 - mod_php requires us to use mpm_prefork
 COPY ./image-builder/files/docker-php.conf $APACHE_CONFDIR/conf-available/docker-php.conf

References

  Thread PreviousDate PreviousThread Next