search

coreruleset / modsecurity-crs-docker

Official ModSecurity Docker + Core Rule Set (CRS) images
https://coreruleset.org
Apache License 2.0
237 stars 62 forks source link

Image broken after pull request #239 #243

Closed ruipin closed 2 months ago

ruipin commented 2 months ago

Thanks for your work!

Unfortunately, pull request #239 broke my setup using nginx-alpine.

To fix it I had to force the following values inside my docker compose:

MODSEC_AUDIT_STORAGE_DIR: /var/log/modsecurity/audit/
MODSEC_DISABLE_BACKEND_COMPRESSION: 'Off'
MODSEC_UPLOAD_KEEP_FILES: 'Off'

The first one seems to be due to a typo - MODSEC_AUDIT_STORAGE_DIR is used by the new file, but the environment variable that is used for the default value is MODSEC_AUDIT_STORAGE.

The second one doesn't seem to have a default value.

The third one would complain that RelevantOnly was not a valid value, and it needed On or Off.

fzipi commented 2 months ago

Thanks for reporting this one!

theseion commented 2 months ago

Should be fixed with #244.