Closed yeslem41 closed 1 year ago
zit-hb
commented
2 years ago Hello @yeslem41 ,
You also have to copy the code of shadowd_php to the container, otherwise there is nothing to be included by auto_prepend_file. You will also have to copy a configuration file to /etc/shadowd/connectors.ini in the container.
yeslem41
commented
2 years ago hi @zit-hb, thank you for helping i copied file to my container but i have a problem of connection to the shadowd server
this is my connectors.ini
[shadowd_php]
; Sets the profile id. Required.
profile=3
; Sets the key for the profile. Required.
key=mohamed
; Sets the address of the shadowd server.
; Default Value: 127.0.0.1
host=localhost
; Sets the port of the shadowd server.
; Default Value: 9115
;port
; Sets the connection timeout (in seconds).
; Default Value: 5
;timeout=
; Sets the path to the public key and enables SSL. It requires enabled SSL in
; shadowd, otherwise the connection will fail.
;ssl=
; If activated threats are not removed. This can be used to test new rules without
; making the web application unusable. It can be also used to turn Shadow Daemon
; into a high-interaction web honeypot.
; Possible Values:
; 0
; 1
; Default Value: 0
; If activated the templating system will print proper error messages instead of a
; generic error.
; Possible Values:
; 0
; 1
; Default Value: 1
;templates=
; If activated log messages are send to the web server and saved in the log file.
; Additionally, stack traces for exceptions are shown in the templates.
; Possible Values:
; 0
; 1
; Default Value: 0
debug=1
; If set the ignore list is used to ignore certain parameters and not send them to
; the shadowd server. It is good practise to not send passwords or other very
; sensitive information to the server.
;ignore=
; If activated raw post data is saved as user input. The raw data is hard to analyze,
; but can be a source for malicious input as well.
; Possible Values:
; 0
; 1
; Default Value: 0
;raw_data=
; Sets the source for the client ip. It is a key of $_SERVER. If you are using a
; reverse proxy or something similar forward the real client ip and reference it
; here, e.g., HTTP_X_FORWARDED_FOR.
; Default Value: REMOTE_ADDR
; Sets the source for the caller. It is a key of $_SERVER. If you are using web
; application with a front controller or something like that change it to PHP_SELF.
; Default Value: SCRIPT_FILENAME
;caller=
; Sets the source for the resource identifier. It is a key of $_SERVER.
; Default Value: REQUEST_URI
;resource=`and the error is
yeslem41
commented
2 years ago please someone help me, i have just one day before the representation of my work.
zit-hb
commented
2 years ago You have specified localhost as host and it is executed in the php container. shadowd is not running in this container but in its own, and the port is forwarded to the host system. So in this config, you should likely enter the IP of your host system.
yeslem41
commented
2 years ago @zit-hb thank you
yeslem41
commented
2 years ago hi @zit-hb
now i face this error, i don't use any ssl
zit-hb
commented
2 years ago Hi @yeslem41,
can you post your current config please? The error message means that stream_socket_client failed but it did not return an error.
yeslem41
commented
2 years ago `[shadowd_php]
; Sets the profile id. Required.
profile=3
; Sets the key for the profile. Required.
key=mohamed
; Sets the address of the shadowd server.
; Default Value: 127.0.0.1
host=172.27.16.1
; Sets the port of the shadowd server.
; Default Value: 9115
;port
; Sets the connection timeout (in seconds).
; Default Value: 5
;timeout=
; Sets the path to the public key and enables SSL. It requires enabled SSL in
; shadowd, otherwise the connection will fail.
;ssl=
; If activated threats are not removed. This can be used to test new rules without
; making the web application unusable. It can be also used to turn Shadow Daemon
; into a high-interaction web honeypot.
; Possible Values:
; 0
; 1
; Default Value: 0
; If activated the templating system will print proper error messages instead of a
; generic error.
; Possible Values:
; 0
; 1
; Default Value: 1
;templates=
; If activated log messages are send to the web server and saved in the log file.
; Additionally, stack traces for exceptions are shown in the templates.
; Possible Values:
; 0
; 1
; Default Value: 0
debug=1
; If set the ignore list is used to ignore certain parameters and not send them to
; the shadowd server. It is good practise to not send passwords or other very
; sensitive information to the server.
;ignore=
; If activated raw post data is saved as user input. The raw data is hard to analyze,
; but can be a source for malicious input as well.
; Possible Values:
; 0
; 1
; Default Value: 0
;raw_data=
; Sets the source for the client ip. It is a key of $_SERVER. If you are using a
; reverse proxy or something similar forward the real client ip and reference it
; here, e.g., HTTP_X_FORWARDED_FOR.
; Default Value: REMOTE_ADDR
; Sets the source for the caller. It is a key of $_SERVER. If you are using web
; application with a front controller or something like that change it to PHP_SELF.
; Default Value: SCRIPT_FILENAME
;caller=
; Sets the source for the resource identifier. It is a key of $_SERVER.
; Default Value: REQUEST_URI
;resource=`Thanks. In general, it does not look bad. My guess is that the host is still wrong. It looks like it is the Docker internal IP address, but as far as I know it can change. Instead I would use the IP address of the host system (ip a). This will work since by default shadowdctl opens the shadowd port in the host system.
zit-hb
commented
1 year ago Closing this due to inactivity. Feel free to reopen the issue if it is still a problem.
hi everyone i'm working on deploy laravel project on docker and use shadowd as waf, laravel project work probly on docker with nginx but when i try to configure show i find this output
nginx configuration:
my docker compose
dockerfile
two networks are on docker :
please someone help me.