DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix definition order of modsecurity directives

Browse source
This commit is contained in:
Manuel Alejandro de Brito Fontes 2020-04-01 22:04:36 -03:00
parent b33c9a21a5
commit 5390ce4879
3 changed files with 85 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

16
internal/ingress/controller/template/template.go
View file

@ -1360,12 +1360,6 @@ func buildModSecurityForLocation(cfg config.Configuration, location *ingress.Loc
if !isMSEnabled {
buffer.WriteString(`modsecurity on;
modsecurity_rules_file /etc/nginx/modsecurity/modsecurity.conf;
`)
}
if !cfg.EnableOWASPCoreRules && location.ModSecurity.OWASPRules {
buffer.WriteString(`modsecurity_rules_file /etc/nginx/owasp-modsecurity-crs/nginx-modsecurity.conf;
`)
}
@ -1381,6 +1375,16 @@ modsecurity_rules_file /etc/nginx/modsecurity/modsecurity.conf;
`, location.ModSecurity.TransactionID))
}
if !isMSEnabled {
buffer.WriteString(`modsecurity_rules_file /etc/nginx/modsecurity/modsecurity.conf;
`)
}
if !cfg.EnableOWASPCoreRules && location.ModSecurity.OWASPRules {
buffer.WriteString(`modsecurity_rules_file /etc/nginx/owasp-modsecurity-crs/nginx-modsecurity.conf;
`)
}
return buffer.String()
}