Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/marknjunge/docker-nginx-modsecurity

NGINX set up with ModSecurity enabled and configured with Open Web Application Security Project Core Rule Set (OWASP CRS). All running on docker.
https://github.com/marknjunge/docker-nginx-modsecurity

docker modsecurity modsecurity-nginx nginx nginx-docker owasp owasp-crs-core-rule-set

Last synced: 3 months ago
JSON representation

NGINX set up with ModSecurity enabled and configured with Open Web Application Security Project Core Rule Set (OWASP CRS). All running on docker.

Awesome Lists containing this project

README 

        
# Docker + NGINX + ModSecurity + OWASP CRS



NGINX set up with ModSecurity enabled and configured with Open Web Application Security Project Core Rule Set (OWASP CRS). All running on docker.



```

docker run --name nginx-modsec -d -p 80:80 marknjunge/nginx-modsec

```



## Installation



```bash

git clone https://marknjunge.com/nginx-modsec.git



cd nginx-modsec



docker build -t marknjunge/nginx-modsec

or

./build.sh

```



**Note:** Building takes a while (even up to 15 minutes) because of compiling ModSecurity. Unless you have reason not to, it's better to use my image `marknjunge/nginx-modsec` as a base and copy your own config files.



## Usage



```

docker run --name nginx-modsec -d -p 80:80 marknjunge/nginx-modsec

```



## NGINX Configuration



To modify NGINX Configuration, edit [./nginx/nginx.conf](./nginx/nginx.conf) and [./nginx/conf.d/](./nginx/conf.d/).



## ModSecurity Configuration



ModSecurity is pre-configured with [OWASP CRS](https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project).



To add your own rules, modify [./modsec/main.conf](./modsec/main.conf).