Makussu/bunkerweb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

improve crowdsec example and disable modsec logging when not necessary

Browse Source
This commit is contained in:
bunkerity 2021-04-27 11:21:30 +02:00
parent 843644f806
commit 813607fbc3
No known key found for this signature in database
GPG Key ID: 3D80806F12602A7C
2 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
confs/site/modsecurity-rules.conf
View File

@ -50,7 +50,6 @@ SecResponseBodyLimitAction ProcessPartial
# log usefull stuff # log usefull stuff
SecAuditEngine RelevantOnly SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
SecAuditLogType Serial SecAuditLogType Serial
SecAuditLog /var/log/nginx/modsec_audit.log SecAuditLog /var/log/nginx/modsec_audit.log

20
examples/crowdsec/bouncer_key.sh
View File

@ -1,3 +1,23 @@
#!/bin/sh #!/bin/sh
# first, you need to run the crowdsec service
echo "running crowdsec service ..."
docker-compose up -d mycrowdsec
# wait a little until it's up
sleep 10
# get the bouncer key
docker-compose exec mycrowdsec cscli bouncers add MyBouncer docker-compose exec mycrowdsec cscli bouncers add MyBouncer
# enter the key into the CROWDSEC_KEY environment variable
read -p -s "edit CROWDSEC_KEY env var in docker-compose.yml file and press enter"
# start all services
docker-compose up -d
# wait a little until it's up
sleep 10
# restart crowdsec so it reads the log files
docker-compose restart mycrowdsec