fix stream/allow editing modsec conf/readme changes/dep updates

Signed-off-by: Zoey <zoey@z0ey.de>
2025-08-03 16:03:38 +00:00 · 2023-10-29 11:29:55 +01:00
parent fa43fc2daa
commit 6548a7aea6
11 changed files with 71 additions and 100 deletions
--- a/rootfs/usr/local/nginx/conf/conf.d/include/hsts.conf
+++ b/rootfs/usr/local/nginx/conf/conf.d/include/hsts.conf
@@ -2,6 +2,6 @@ more_set_headers "X-XSS-Protection: 0";
 more_set_headers "X-Frame-Options: SAMEORIGIN";
 more_set_headers "X-Content-Type-Options: nosniff";
 more_set_headers "Referrer-Policy: strict-origin-when-cross-origin";
-more_set_headers "Content-Security-Policy: upgrade-insecure-requests";
+more_set_headers "Content-Security-Policy: $content_security_policy";

-more_set_headers "Strict-Transport-Security: max-age=31536000; includeSubDomains; preload";
+more_set_headers "Strict-Transport-Security: max-age=31536000; includeSubDomains; preload";
--- a/rootfs/usr/local/nginx/conf/conf.d/include/modsecurity-crs.conf
+++ b/rootfs/usr/local/nginx/conf/conf.d/include/modsecurity-crs.conf
@@ -0,0 +1,4 @@
+Include /data/etc/modsecurity/modsecurity-default.conf
+Include /data/etc/modsecurity/modsecurity-extra.conf
+Include /data/etc/modsecurity/crs-setup.conf
+Include /usr/local/nginx/conf/conf.d/include/coreruleset/rules/*.conf
--- a/rootfs/usr/local/nginx/conf/conf.d/include/modsecurity.conf
+++ b/rootfs/usr/local/nginx/conf/conf.d/include/modsecurity.conf
@@ -0,0 +1,2 @@
+Include /data/etc/modsecurity/modsecurity-default.conf
+Include /data/etc/modsecurity/modsecurity-extra.conf