DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add a Snippet for ModSecurity

Browse source 
Allows for the configuration of Mod Security rules via
a Snippet.
This commit is contained in:
Fernando Diaz 2018-11-14 19:24:57 -06:00
parent a22c656f30
commit 95b3042b6e
5 changed files with 70 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

9
rootfs/etc/nginx/template/nginx.tmpl
View file

@ -1024,9 +1024,14 @@ stream {
{{ if (or $location.ModSecurity.Enable $all.Cfg.EnableModsecurity) }}
modsecurity on;
modsecurity_rules_file /etc/nginx/modsecurity/modsecurity.conf;
{{ if (or $location.ModSecurity.OWASPRules $all.Cfg.EnableOWASPCoreRules) }}
{{ if $location.ModSecurity.Snippet }}
modsecurity_rules '
{{ $location.ModSecurity.Snippet }}
';
{{ else if (or $location.ModSecurity.OWASPRules $all.Cfg.EnableOWASPCoreRules) }}
modsecurity_rules_file /etc/nginx/owasp-modsecurity-crs/nginx-modsecurity.conf;
{{ else }}
modsecurity_rules_file /etc/nginx/modsecurity/modsecurity.conf;
{{ end }}
{{ if (not (empty $location.ModSecurity.TransactionID)) }}