Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[DOC] CRS files in Multisite Setup #1445

Closed
1 task done
MrCybertux opened this issue Sep 3, 2024 · 2 comments
Closed
1 task done

[DOC] CRS files in Multisite Setup #1445

MrCybertux opened this issue Sep 3, 2024 · 2 comments
Assignees
@TheophileDiot
Labels
documentation Improvements or additions to documentation

Comments

@MrCybertux
Copy link

Description

I have a small homeserver and wanted to run multiple services with Bunkerweb.
I have got everything up and running besides that the CRS exclusions i write are not loaded.
I choose the file based method to write my rules since i am used to that way from the previous product Bunkerized Nginx.
I think my Problem is either the location i am placing the files in or the way the rules a written.
They have this format:

SecAction \
    "id:900200,\
    phase:1,\
    nolog,\
    pass,\
    t:none,\
    setvar:'tx.allowed_methods=GET POST HEAD COPY DELETE LOCK MKCOL MOVE PROPFIND PROPPATCH PUT UNLOCK OPTIONS'"

Since the docs tell you to use echo i also tried putting everything into one line
SecAction id:900200, phase:1, nolog, pass, t:none, setvar:'tx.allowed_methods=GET POST HEAD COPY DELETE LOCK MKCOL MOVE PROPFIND PROPPATCH PUT UNLOCK OPTIONS'
both did not work.
The config files were placed in both formats in the following ways:

in ./bw-data/configs/modsec/example1.net/csr.conf
and in ./bw-data/configs/modsec/example1.net.conf

it did not work none of my exclusions were loaded as i could see with Docker compose logs.
I think it would be great if this could be clarified in the docs.

Proposed solution (optional)

Maybe a dedicated section or example of how a multisite setup with those files should look like.

Code of Conduct

  • I agree to follow this project's Code of Conduct
@MrCybertux MrCybertux added the documentation Improvements or additions to documentation label Sep 3, 2024
@TheophileDiot
Copy link
Member

Hi, thank you for opening this documentation enhancement idea and sorry for the (very) late response. Indeed this part can be a bit tricky. We'll have a look into it and let you know :D

@TheophileDiot TheophileDiot self-assigned this Oct 21, 2024
@MrCybertux
Copy link
Author

Hi, thank you for opening this documentation enhancement idea and sorry for the (very) late response. Indeed this part can be a bit tricky. We'll have a look into it and let you know :D

Sorry for my late reply too.
I have noticed something that might be helpful for some.
If in the bunkerweb Container the volume is defined as follows the Folders are all created and just need to be filled:
volumes:
- ./bw-data:/data
- ./bw-data/configs/:/data/configs/:ro

I have got this idea from a docker-compose file that was created by Mr Pittance for Bunkerized Nginx while i had a support case with him.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@TheophileDiot TheophileDiot

Labels
documentation Improvements or additions to documentation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@TheophileDiot @MrCybertux