andrew
/
build-grav
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Disable expose_php and set ServerTokens ProductOnly in apache config to improve security (#22)

This commit is contained in:
rouja 2020-04-27 23:13:21 +02:00 committed by GitHub
parent 3ae7b8c68f
commit 1858f38e52
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Dockerfile
View File

@ -2,7 +2,9 @@ FROM php:7.3-apache
LABEL maintainer="Andy Miller <rhuk@getgrav.org> (@rhukster)" LABEL maintainer="Andy Miller <rhuk@getgrav.org> (@rhukster)"
# Enable Apache Rewrite + Expires Module # Enable Apache Rewrite + Expires Module
RUN a2enmod rewrite expires RUN a2enmod rewrite expires && \
sed -i 's/ServerTokens OS/ServerTokens ProductOnly/g' \
/etc/apache2/conf-available/security.conf
# Install dependencies # Install dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \ RUN apt-get update && apt-get install -y --no-install-recommends \
@ -38,6 +40,7 @@ RUN { \
echo 'opcache.enable_cli=1'; \ echo 'opcache.enable_cli=1'; \
echo 'upload_max_filesize=128M'; \ echo 'upload_max_filesize=128M'; \
echo 'post_max_size=128M'; \ echo 'post_max_size=128M'; \
echo 'expose_php=off'; \
} > /usr/local/etc/php/conf.d/php-recommended.ini } > /usr/local/etc/php/conf.d/php-recommended.ini
RUN pecl install apcu \ RUN pecl install apcu \