diff --git a/apache-config.conf b/apache-config.conf index 6aaba91..7a94e32 100644 --- a/apache-config.conf +++ b/apache-config.conf @@ -9,9 +9,10 @@ #ServerName www.example.com ServerAdmin webmaster@localhost - DocumentRoot / - ProxyPass /hcportal http://127.0.0.1:80/app retry=1 acquire=3000 timeout=600 Keepalive=On - + DocumentRoot /app/src/api + + + Options Indexes FollowSymLinks DirectoryIndex index.php AllowOverride All Require all granted diff --git a/docker-compose.yml b/docker-compose.yml index b500207..1f64c10 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -19,15 +19,21 @@ services: - hcportalnetwork volumes: - ./be:/app + - ./apache-config.conf:/etc/apache2/sites-available/000-default.conf:ro + - backend-vendor:/app/src/api/vendor owasp: container_name: owasp-hcportal image: owasp/modsecurity-crs:3.3.5-nginx-202401080101 environment: - - backend=http://be:80 + - BACKEND=http://be:80 + - BACKEND_PROTO=http + - PORT=80 networks: - hcportalnetwork ports: - 8888:80 + volumes: + - ./nginx-config/custom-buffers.conf:/etc/nginx/conf.d/custom-buffers.conf:ro links: - be depends_on: @@ -35,3 +41,6 @@ services: networks: hcportalnetwork: driver: bridge + +volumes: + backend-vendor: diff --git a/nginx-config/custom-buffers.conf b/nginx-config/custom-buffers.conf new file mode 100644 index 0000000..5bc6d71 --- /dev/null +++ b/nginx-config/custom-buffers.conf @@ -0,0 +1,14 @@ +# Custom buffer size configuration to handle large headers and cookies +client_header_buffer_size 16k; +large_client_header_buffers 8 32k; +client_max_body_size 100M; +client_body_buffer_size 128k; + +# Additional proxy buffer settings +proxy_buffer_size 16k; +proxy_buffers 8 32k; +proxy_busy_buffers_size 64k; + +# Prevent X-Forwarded-For header from growing infinitely +proxy_set_header X-Forwarded-For $remote_addr; +proxy_set_header X-Real-IP $remote_addr; \ No newline at end of file