Provides containerized Nginx reverse-proxy with ModSecurity WAF library, ModSecurity-nginx module and OWASP Core Rule Set (CRS).
Based on official Nginx Docker image.
ModSecurity WAF is installed and included as a dynamic module according to the official documentation.
Below the list of current supported version combinations between Nginx, ModSecurity WAF, ModSecurity-nginx and OWASP Core Rule Set (CRS).
| Nginx | ModSecurity | ModSecurity-nginx | OWASP Core Rule Set (CRS) |
|---|---|---|---|
| 1.22.1 | 3.0.8 | 1.0.3 | 3.3.4 |
See Nginx Docker image documentation for advanced usage examples.
$ docker run --name some-nginx -v /some/content:/usr/share/nginx/html:ro -d nginx
For testing purposes use the nginx server default.conf configuration file with ModSecurity WAF enabled.
WAF Bypass Tool is used to analyze the WAF runtime protection to compare different WAFs.
$ cd test
$ docker-compose run waf-anylizer
...
See the LICENSE.md file for details.