Uploaded image for project: 'GPII - Global Public Inclusive Infrastructure'
  1. GPII - Global Public Inclusive Infrastructure
  2. GPII-1868

Protect Jenkins with ModSecurity rules

    XMLWordPrintable

    Details

      Description

      For security reasons an Nginx host sits in front of the CI server and a read-only archive of its UI is created. The contents of this archive are served when the https://ci.gpii.net URL is visited. This has protected the Jenkins server but has resulted in inconsistent URLs in notification emails, parts of the UI not getting archived, etc. all causing delays when people are trying to troubleshoot build issues. Using a web application firewall such as ModSecurity can provide another layer of security and more direct access than the current method.

        Attachments

        1. gpii_jenkins_modsecurity.md
          2 kB
          Giovanni Tirloni
        2. modsecurity-packages.tar.gz
          7.15 MB
          Alfredo Matas

          Issue Links

            Activity

              People

              Assignee:
              amatas Alfredo Matas
              Reporter:
              avtar Avtar Gill
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: