Skip to content
Openresty with WAF installed
Lua Dockerfile
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Dockerfile
LICENSE
README.md
config.lua
nginx.conf

README.md

Openresty WAF

Openresty with WAF installed

Force HTTPS & HTTP2

SSL Cert & PrivKey required

Support TLSv1.3

Components

  • Openresty

    version 1.15.8.1

  • Nginx

    version 1.15.8

  • Openssl

    version 1.1.1c

  • WAF

    unixhot/waf

Build

git clone https://github.com/evi0s/Openresty-WAF.git
cd Openresty-WAF
docker build -t user/name .

Deploy

Copy SSL Cert & Privkey to a path

mkdir /home/user/openresty-waf
cd /home/user/openresty-waf
mkdir ssl && mkdir html
cp /path/to/your/fullchain ./ssl/fullchain.pem # Fullchain name unmodifiable
cp /path/to/your/privkey ./ssl/privkey.pem # Private key name unmodifiable
openssl dhparam -out ./ssl/dhparam.pem 2048

Deploy

docker run -it -d \
           -p 80:80 \
           -p 443:443 \
           -v /home/user/openresty-waf/ssl/:/usr/local/openresty/nginx/ssl/:ro \
           -v /home/user/openresty-waf/html/:/usr/local/openresty/nginx/html/ \
           --name=nginx-waf \
           user/name

Deploy without build

docker run -it -d \
           -p 80:80 \
           -p 443:443 \
           -v /home/user/openresty-waf/ssl/:/usr/local/openresty/nginx/ssl/:ro \
           -v /home/user/openresty-waf/html/:/usr/local/openresty/nginx/html/ \
           --name=nginx-waf \
           evi0s/openresty-waf

Configs

  • WAF logs

    /usr/local/openresty/waf_logs/
    

    Can be modified in config.lua

  • Nginx access log

    /usr/local/openresty/nginx/access.log
    

    Can be modified in nginx.conf

  • WAF warning html

    Can be modified in config.lua

  • WAF CC Blocking

    Default: 10 Requests Max within 60 seconds

    Can be modified in config.lua

Links

You can’t perform that action at this time.