Created
September 23, 2021 18:53
Nginx WAF Lab
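# This docker-compose file starts owasp/modsecurity-crs as a reverse-proxy WAF
# in front of a deliberately vulnerable DVWA backend.
#
# ATTENTION!
# Some of the environment variables at the bottom of this
# docker-compose.yaml file and TLS are only available
# for self-built images based on Dockerfile-2.9-apache,
# and only if build args SETTLS and SETPROXY were set during
# the build of the parent owasp/modsecurity:2.9-apache image.
# NOTE(review): the notice above refers to the Apache image, while this file
# pulls the nginx image. Confirm which variables the nginx image honours.
#
# Disclaimer! Only expose any ports if you are in a controlled environment
# (virtual machine on a computer, or a server not exposed to the internet).
# You take the risk of leaving this application exposed.
version: "3"

services:
  crs:
    image: owasp/modsecurity-crs:v3.3.2-nginx
    ports:
      # Published on every host interface. Docker-published ports typically
      # bypass host firewall front ends such as ufw, so on a workstation
      # prefer "127.0.0.1:80:80" to keep the lab reachable from loopback only.
      - "80:80"
      # - "443:443"
    environment:
      - SERVERNAME=localhost
      # CRS paranoia level and anomaly-score blocking thresholds.
      - PARANOIA=1
      - ANOMALY_INBOUND=5
      - ANOMALY_OUTBOUND=4
      # PROXYLOCATION: Application Backend of Reverse Proxy
      # "dvwa" is the service name defined below, resolved over the Compose
      # network, so the backend needs no published port of its own.
      - BACKEND=http://dvwa
      # CRS Variables with Default Value unlimited
      #######################################################
      # - MAX_NUM_ARGS=255
      # - ARG_NAME_LENGTH=100
      # - ARG_LENGTH=400
      # - TOTAL_ARG_LENGTH=64000
      # - MAX_FILE_SIZE=1048576
      # - COMBINED_FILE_SIZES=1048576
    volumes:
      # Both files must exist next to this compose file before "up". Docker
      # creates a directory in place of a missing bind-mount source, and the
      # rule file then fails to load.
      - ./REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf:/etc/modsecurity.d/owasp-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
      - ./RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf:/etc/modsecurity.d/owasp-crs/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf

  dvwa:
    # Deliberately vulnerable application. The image has no pinned tag, so
    # every pull follows whatever "latest" currently points to.
    image: vulnerables/web-dvwa
    # The "ports" key is commented out together with its only entry: a bare
    # "ports:" parses as null, which Compose schema validation can reject.
    #
    # Uncomment both lines below for an easy way to compare blocked and
    # allowed requests. This publishes DVWA directly, with no WAF in front,
    # so the example binds to loopback only.
    # ports:
    #   - "127.0.0.1:8080:80"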