ModSecurity Docker Setup

This project provides a ready-to-use ModSecurity WAF (Web Application Firewall) setup with Docker for easy deployment and management. It includes essential configurations such as ModSecurity rules, Nginx settings, and ports configuration, all packaged within a Docker container.

Overview

The ModSecurity Docker setup is designed for fast and secure web application protection. The Docker container includes the necessary configuration files to get you up and running with ModSecurity and Nginx in no time.

Features

• ModSecurity: Open-source WAF for application-layer protection.
• Nginx: Web server for reverse proxy and handling traffic.
• Dockerized Setup: Easy to deploy using Docker.
• Customizable Rules: Pre-configured security rules in rules/WAF.conf.
• Nginx Configuration: Fully customizable through nginx.conf and example.conf.
• Port Management: Easily configure accessible ports in ports/example.conf.

Directory Structure

crs-setup.conf/
├── dockerfile            # Dockerfile for the project
├── modsecurity.conf      # Main ModSecurity configuration file
├── nginx.conf            # Nginx configuration file
├── ports/
│   └── example.conf      # Port configurations for container
└── rules/
    └── WAF.conf          # ModSecurity rules file for security

Files in Detail:

• Dockerfile: Defines the Docker container for ModSecurity and Nginx.
• modsecurity.conf: Main configuration file for ModSecurity.
• nginx.conf: Configuration for Nginx to work with ModSecurity.
• example.conf: Port management configuration.
• WAF.conf: ModSecurity rules file for optimal web security.

Requirements

• Docker: Ensure Docker is installed on your machine. If you don't have Docker installed, you can get it from here.

• Docker Compose (Optional): If you're using Docker Compose for orchestration, this setup will work seamlessly with it.

Quick Start Guide

1. Clone the repository:

   git clone https://github.com/yourusername/modsecurity-docker-setup.git
   cd modsecurity-docker-setup

2. Build the Docker container:

   docker build -t modsecurity-nginx .

3. Run the container:

   docker run -d -p 80:80 -p 443:443 modsecurity-nginx

4. Verify the setup:

   • Open your browser and navigate to http://localhost (or your server's IP).
   • If the setup is successful, you should be able to see your web application running with ModSecurity enabled.

Configuration

• ModSecurity settings can be modified via modsecurity.conf.
• Nginx settings can be updated in nginx.conf.
• Ports can be changed through ports/example.conf.
• Modify security rules in rules/WAF.conf as needed.

How It Works

• The dockerfile installs the necessary dependencies, sets up ModSecurity, and configures Nginx.
• ModSecurity is enabled in the Nginx configuration to protect web applications from a wide range of attacks.
• All configuration files are customizable and allow for advanced custom rule implementations.

Contributing

Contributions are welcome! If you'd like to contribute to the project, feel free to fork the repository, create a new branch, and submit a pull request.

Steps for Contribution:

1. Fork the repository.
2. Create a new feature branch (git checkout -b feature-name).
3. Make your changes and commit them (git commit -m 'Add new feature').
4. Push to your fork (git push origin feature-name).
5. Open a pull request.

License

This project is licensed under the MIT License - see the LICENSE file for details.