sWAF Files

Very first release!

Only a pre-staged docker image running NGINX with LibreSSL, ModSecurity and OWASP Core Rule Set.

Please get the docker image on [Docker Hub]: docker pull swafproject/swaf

Initial Features:

• Dockerfile based on Alpine Linux 3.12.0.
• Bootstrap script to compile, install, deploy & configure tools.
• Docker entrypoint script to deploy the sWAF image's initial configuration at the first time and to launch NGINX each time starting.
• Additional installed tools:
• curl 7.69.1
• git 2.26.2
• nano 4.9.3
• ModSecurity 3.0.4 compiled with:
• LibCURL 7.69.1
• YAJL 2.1.0
• LibXML2 2.9.10
• SSDEEP (Last version from GitHub at build date)
• LUA 5.1.5
• Test Utilities
• SecDebugLog
• LibreSSL 3.2.1 compiled.
• NGINX 1.19.2 compiled (detailed compilation options are listed into the bootstrap script):
• using threads
• using system PCRE library
• using LibreSSL library with TLS 1.3 and TLS SNI support
• using system zlib library
• using system libatomic_ops library
• using all NGINX all default and additional static modules except: fastcgi, scgi, http_geoip
• using stream module with all default and additional static modules except stream_geoip
• using ModSecurity-nginx connector (ngx_http_modsecurity_module). Last version from GitHub at build date.
• with pcre and pcre-jit
• no mail proxy modules
• no google_perftools_module
• no cpp_test_module
• no http_perl_module
• with debug logging capacity
• Default NGINX configuration files staged with initial examples.
• NGINX configuration files splitted by context (main, events, http, stream, server).
• HTML pages staged for default index and error pages.
• Default ModSecurity configuration files staged from ModSecurity 3.0.4.
• Default Core Rule Set 3.3.0 configuration staged with:
• 'SecRuleEngine On' by default
• modsec_audit.log path properly set
• unicode.mapping path properly set
• Custom modsec_includes.conf staged for ModSecurity configuration load.
• Custom motd for sWAF.
• Set Docker image labels.