From a7cad728684b81170131d5ee58e46277def7ccf2 Mon Sep 17 00:00:00 2001 From: Rob Lowe Date: Wed, 6 Nov 2024 14:44:08 +0000 Subject: [PATCH 1/4] Prod cert fix --- helm_deploy/wordpress/templates/ingress.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/helm_deploy/wordpress/templates/ingress.yaml b/helm_deploy/wordpress/templates/ingress.yaml index c55b88e..780f993 100644 --- a/helm_deploy/wordpress/templates/ingress.yaml +++ b/helm_deploy/wordpress/templates/ingress.yaml @@ -135,9 +135,11 @@ metadata: spec: ingressClassName: modsec tls: +{{- if not (eq .Values.configmap.envtype "prod") }} - hosts: - {{ .Values.domain }} secretName: websitebuilder-{{ .Values.configmap.envtype }}-cert +{{- end }} {{- if eq .Values.configmap.envtype "prod" }} {{- range .Values.ingress.hosts }} - hosts: From 8105017edc64502466267147d09200a3ab7f1947 Mon Sep 17 00:00:00 2001 From: adam Date: Thu, 14 Nov 2024 11:46:28 +0000 Subject: [PATCH 2/4] Add WAF rule 921110 CCRC upload doc When CCRC where uploading their document in the media uploader the WAF blocked the upload. --- helm_deploy/wordpress/templates/ingress.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/helm_deploy/wordpress/templates/ingress.yaml b/helm_deploy/wordpress/templates/ingress.yaml index 780f993..2a8ee3f 100644 --- a/helm_deploy/wordpress/templates/ingress.yaml +++ b/helm_deploy/wordpress/templates/ingress.yaml @@ -24,7 +24,8 @@ metadata: nolog,\ ctl:ruleRemoveById=932110,\ ctl:ruleRemoveById=932130,\ - ctl:ruleRemoveById=941180 + ctl:ruleRemoveById=941180,\ + ctl:ruleRemoveById=921110 # Limit ModSecurity excemptions to only the options page - these rules were breaking the hale components plugin SecRule REQUEST_URI "@contains /wp-admin/options.php" \ "id:1002,\ From 8befee84d05b59fe791669648f4c5df6626e8815 Mon Sep 17 00:00:00 2001 From: Rob Lowe Date: Thu, 14 Nov 2024 12:33:26 +0000 Subject: [PATCH 3/4] Add VC and Showcase certs --- helm_deploy/wordpress/values.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/helm_deploy/wordpress/values.yaml b/helm_deploy/wordpress/values.yaml index 7624480..ed8be8e 100644 --- a/helm_deploy/wordpress/values.yaml +++ b/helm_deploy/wordpress/values.yaml @@ -244,10 +244,14 @@ ingress: certName: swoti-cert - name: seewhatsontheinside.co.uk certName: swoti-uk-cert + - name: showcase.websitebuilder.service.justice.gov.uk + certName: websitebuilder-showcase-cert - name: sifocc.org certName: sifocc-cert - name: victimandwitnessinformation.org.uk certName: victimandwitnessinformation-cert + - name: victimscommissioner.org.uk + certName: victimscommissioner-cert - name: victimscode.org.uk certName: victimscode-cert - name: websitebuilder.service.justice.gov.uk From 9c510337da013bf8d58f8139b5966e0b2c2de930 Mon Sep 17 00:00:00 2001 From: adam Date: Wed, 20 Nov 2024 14:50:08 +0000 Subject: [PATCH 4/4] Increase WP version to 6.7 --- wordpress.dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wordpress.dockerfile b/wordpress.dockerfile index de2af5e..5199d7c 100644 --- a/wordpress.dockerfile +++ b/wordpress.dockerfile @@ -6,7 +6,7 @@ # Build multisite # Latest images at https://hub.docker.com/_/wordpress -FROM --platform=linux/amd64 wordpress:6.6.2-php8.3-fpm-alpine +FROM --platform=linux/amd64 wordpress:6.7.0-php8.3-fpm-alpine # Install additional Alpine packages RUN apk update && \