Skip to content
This repository has been archived by the owner on Jan 14, 2024. It is now read-only.

Commit

Permalink
feat: Config tweaks for Wordpress
Browse files Browse the repository at this point in the history
  • Loading branch information
John Doe committed May 22, 2022
1 parent f29b492 commit 989762e
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 9 deletions.
1 change: 1 addition & 0 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,7 @@ ENV ENABLE_RULE_WORDPRESS=false \
WP_ENABLE_DOS_PROTECTION=true \
ENABLE_CORAZA_WAF=true \
ENABLE_CRS=false \
ENABLE_RULE_DRUPAL=false \
ENABLE_RATE_LIMITER=false \
RATE_LIMIT_EVENTS=30 \
RATE_LIMIT_WINDOW=5s \
Expand Down
22 changes: 13 additions & 9 deletions container-files/usr/templates/Caddyfile.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,16 +10,7 @@ http://{{ upstream.Hostname }}:{{ CADDY_PORT }} {
{%- if ENABLE_CORAZA_WAF %}
coraza_waf {
{%- if ENABLE_RULE_WORDPRESS %}
#include /etc/caddy/rules/wordpress/rules.conf
#include /etc/caddy/rules/wordpress/shared/02-INITIALIZATION.conf
#include /etc/caddy/rules/wordpress/shared/03-BRUTEFORCE.conf
#include /etc/caddy/rules/wordpress/shared/04-EVENTS.conf
include /etc/caddy/rules/wordpress/shared/crs-attacks.conf

{% if WP_HARDENED %}
#include /etc/caddy/rules/wordpress/shared/05-HARDENING.conf
{% endif %}

{% endif -%}

{%- if ENABLE_RULE_CORAZA_RECOMMENDED %}
Expand All @@ -32,6 +23,19 @@ http://{{ upstream.Hostname }}:{{ CADDY_PORT }} {

{% if ENABLE_CRS %}
include /etc/caddy/rules/owasp-crs/*.conf

{% if ENABLE_RULE_WORDPRESS %}
directives `
SecAction "id:900130,phase:1,nolog,pass,t:none,setvar:tx.crs_exclusions_wordpress=1
`
{% endif %}

{% if ENABLE_RULE_DRUPAL %}
directives `
SecAction "id:900130,phase:1,nolog,pass,t:none,setvar:tx.crs_exclusions_drupal=1
`
{% endif %}

{% endif %}

# mount your volume/configmap there
Expand Down

0 comments on commit 989762e

Please sign in to comment.