examples - nextcloud fix and moodle

examples/nextcloud/docker-compose.yml

@@ -13,6 +13,7 @@ services:
       - ./letsencrypt:/etc/letsencrypt
       - ./server-confs:/server-confs         # custom nginx confs at server context to make Nextcloud working
       - ./modsec-crs-confs:/modsec-crs-confs # custom Core Rule Set confs to add Nextcloud exclusions
+      - ./modsec-confs:/modsec-confs         # disable some false positive
     environment:
       - SERVER_NAME=www.website.com          # replace with your domain
       - AUTO_LETS_ENCRYPT=yes
@@ -23,7 +24,7 @@ services:
       - REMOTE_PHP_PATH=/var/www/html
       - LIMIT_REQ_RATE=40r/s
       - LIMIT_REQ_BURST=60
-      - ALLOWED_METHODS=GET|POST|HEAD|PROPFIND|DELETE|PUT
+      - ALLOWED_METHODS=GET|POST|HEAD|PROPFIND|DELETE|PUT|MKCOL|MOVE|COPY|PROPPATCH|REPORT
 
   mync:
     image: nextcloud:stable-fpm

examples/nextcloud/modsec-confs/nextcloud.conf

@@ -0,0 +1 @@
+SecRuleRemoveById 921110

examples/nextcloud/modsec-crs-confs/nextcloud.conf

@@ -5,3 +5,11 @@ SecAction \
   pass,\
   t:none,\
   setvar:tx.crs_exclusions_nextcloud=1"
+
+SecAction \
+ "id:900200,\
+  phase:1,\
+  nolog,\
+  pass,\
+  t:none,\
+  setvar:'tx.allowed_methods=GET HEAD POST PROPFIND DELETE PUT MKCOL MOVE COPY PROPPATCH REPORT'"

examples/nextcloud/server-confs/nextcloud.conf

@@ -31,7 +31,7 @@ location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
 	index index.php;
 }
 
-location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
+location ~ \.(?:css|js|woff2?|svg|gif|map|mp4)$ {
 	try_files $uri /index.php$request_uri;
 	add_header Cache-Control "public, max-age=15778463";
 }