feat(samples/httpasteit): add security to httpd

- configure mod_security
- configure mode_evasive

samples/httpaste.it/httpd/Dockerfile

@@ -1,3 +1,14 @@
 FROM httpd:2.4
 
-RUN apt-get update -y && apt-get install -y libapache2-mod-proxy-uwsgi
+RUN apt-get update -y && apt-get install -y \
+	libapache2-mod-proxy-uwsgi \
+	libapache2-mod-evasive \
+	libapache2-mod-security2
+
+RUN mkdir -p /usr/local/apache2/crs-tecmint
+
+ADD https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/refs/tags/v3.2.0.tar.gz /usr/local/apache2/crs/master
+
+RUN cd /usr/local/apache2/crs && \
+	tar -xzf master && \
+	cp owasp-modsecurity-crs-3.2.0/crs-setup.conf.example owasp-modsecurity-crs-3.2.0/crs-setup.conf

samples/httpaste.it/httpd/usr/local/apache2/conf/httpd.conf

@@ -16,6 +16,9 @@ LoadModule proxy_module modules/mod_proxy.so
 LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
 LoadModule unixd_module modules/mod_unixd.so
 LoadModule access_compat_module modules/mod_access_compat.so
+LoadModule security2_module /usr/lib/apache2/modules/mod_security2.so
+LoadModule evasive20_module /usr/lib/apache2/modules/mod_evasive20.so
+
 
 <IfModule unixd_module>
     User www-data
@@ -24,6 +27,20 @@ LoadModule access_compat_module modules/mod_access_compat.so
 
 ServerAdmin you@example.com
 
+<IfModule security2_module>
+        Include crs/owasp-modsecurity-crs-3.2.0/crs-setup.conf
+        Include crs/owasp-modsecurity-crs-3.2.0/rules/*.conf
+</IfModule>
+
+<IfModule mod_evasive24.c>
+    DOSHashTableSize    3097
+    DOSPageCount        3
+    DOSSiteCount        10
+    DOSPageInterval     1
+    DOSSiteInterval     1
+    DOSBlockingPeriod   10
+    DOSCloseSocket      On
+</IfModule>
 
 ErrorLog /proc/self/fd/2
 
@@ -58,6 +75,7 @@ ServerName 127.0.0.1
 <VirtualHost 0.0.0.0:80>
     #ProxyPreserveHost On
     ServerName httpaste.it
+    ServerAlias localhost
     SetEnv proxy-sendchunks
     ProxyPass  "/" "unix:/shared/uwsgi.sock|uwsgi://localhost/"
 </VirtualHost>