FROM php:8.2-apache

RUN apt-get update && apt-get install -y --no-install-recommends \
    libpng-dev libjpeg-dev libzip-dev zip unzip curl bash \
    && rm -rf /var/lib/apt/lists/*

RUN docker-php-ext-install mysqli pdo_mysql

RUN a2enmod cgi rewrite headers ssl

RUN a2ensite default-ssl \
    && openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
        -keyout /etc/ssl/private/ssl-cert-snakeoil.key \
        -out /etc/ssl/certs/ssl-cert-snakeoil.pem \
        -subj "/CN=insecure.newploit.com/O=Newploit/C=ID"

COPY apache.conf /etc/apache2/conf-enabled/vuln.conf

RUN sed -i 's|ServerTokens.*|ServerTokens Full|' /etc/apache2/conf-enabled/security.conf || true \
    && sed -i 's|ServerSignature.*|ServerSignature On|' /etc/apache2/conf-enabled/security.conf || true

RUN { echo "expose_php = On"; \
      echo "display_errors = On"; \
      echo "allow_url_include = On"; \
      echo "allow_url_fopen = On"; \
      echo "log_errors = On"; \
      echo "error_log = /var/www/html/wp-content/debug.log"; \
    } > /usr/local/etc/php/conf.d/vuln.ini

EXPOSE 80 443