fix CVE-2021-20205 and examples update

examples/drupal/docker-compose.yml

@@ -0,0 +1,43 @@
+version: '3'
+
+services:
+
+  mywww:
+    image: bunkerity/bunkerized-nginx
+    restart: always
+    ports:
+      - 80:8080
+      - 443:8443
+    volumes:
+      - ./drupal-files:/www:ro
+      - ./letsencrypt:/etc/letsencrypt
+      #- ./server-confs:/server-confs:ro         # custom confs at server context for permalinks
+      - ./modsec-crs-confs:/modsec-crs-confs:ro # custom Core Rule Set confs to add Drupal exclusions
+    environment:
+      - SERVER_NAME=www.website.com             # replace with your domain
+      - AUTO_LETS_ENCRYPT=yes
+      - REDIRECT_HTTP_TO_HTTPS=yes
+      - DISABLE_DEFAULT_SERVER=yes
+      - MAX_CLIENT_SIZE=50m
+      - USE_CLIENT_CACHE=yes
+      - USE_GZIP=yes
+      - USE_BROTLI=yes
+      - REMOTE_PHP=mydrupal
+      - REMOTE_PHP_PATH=/var/www/html
+
+  mydrupal:
+    image: drupal:fpm-alpine
+    restart: always
+    volumes:
+      - ./drupal-files:/var/www/html
+
+  mydb:
+    image: mariadb
+    restart: always
+    volumes:
+      - ./db-data:/var/lib/mysql
+    environment:
+      - MYSQL_ROOT_PASSWORD=db-root-pwd         # replace with a stronger password
+      - MYSQL_DATABASE=drupaldb
+      - MYSQL_USER=user
+      - MYSQL_PASSWORD=db-user-pwd              # replace with a stronger password

examples/drupal/modsec-crs-confs/drupal.conf

@@ -0,0 +1,7 @@
+SecAction \
+ "id:900130,\
+  phase:1,\
+  nolog,\
+  pass,\
+  t:none,\
+  setvar:tx.crs_exclusions_drupal=1"