Official Docker Repository for mosparo (unprivileged).
5.1K
The modern spam protection tool.
It replaces other captcha methods with a simple and easy to use spam protection solution.
FYI: The bird is called Mo (the sparrow).
Unprivileged version
This image is the unprivileged version of the mosparo image. It is compatible with the security context "restricted-v2" of OpenShift. The following table shows you the differences between the standard and the unprivileged version:
| Difference | Description |
|---|---|
| No cron jobs | The image does not contain any cron jobs. This is because the cron software requires root to start correctly. The official recommendation for Kubernetes is to use Kubernetes cronjobs. |
| Choose functionality | In the unprivileged image, you can choose whether to run nginx, PHP, or both in the container. See the environment variables for more information. |
| Exposed port 8080 | This image exposes port 8080 for the web server compared to port 80 in the standard image. |
| Volumes | The unprivileged image uses three different volumes to replace the different writable directories with writeable volumes without linking. |
| Configuration file | The path to the configuration file is defined as an environment variable. The image expects a volume for /mosparo-config in which the configuration file is stored. |
mosparo is the modern solution to protect your online forms from spam. The protection method is simple: mosparo blocks spam based on rules matching the form's data. The detection method is comparable to an email spam filter. The user does not have to prove it is a real human by solving a puzzle. Instead, the tool scans the entered form data for words or other information that is not allowed. You can add different kinds of rules to catch all possible spam.
Spam filters are standard on email servers. They scan a whole message to detect a possible spam message. Additionally, many settings can prevent spam mail (or at least make it more visible), like SPF, DKIM, etc. But the hard part is that the email is one message, and the spam filter must check the entire message. Since everything is together in one message, it can lead to false detection.
The solution in web forms is more straightforward: since all fields are separated, we can check all fields separately. In one of the fields, the spam bot has to write, for example, the URL to the website or the message. Because of that, we can execute our checks for the field and detect spam very quickly — if there is a rule to detect spam.
We don't guarantee that mosparo will catch all your spam messages since the detection is mainly based on your rules. If you set up enough rules, we estimate that mosparo will block more than 80% of the spam messages.
Our main objective is different. Firstly, we wanted to create a solution that you can host on your server or web hosting, which does not collect as much data as possible.
When we looked for ways to do that, we found that there wasn't a real solution for everyone. Many existing solutions require a puzzle that the user must resolve. For people with disabilities, solving puzzles may not be a good way to prove that they are real people.
We have therefore defined our main objective: to collect only data that is necessary, self-hosted, and accessible.
To use the Docker image, you need at least
There are two ways to use the Docker image. The first and recommended option is to use Docker Compose. With Docker Compose, you can create all the needed containers with one command. However, you can also create your Docker container manually by using the image directly.
To use this method, please install Docker Compose first. You can find the manual here: https://docs.docker.com/compose/install/
Now, you should create a new directory on your server. Please create a new file called docker-compose.yaml in this directory.
Insert the following content into this file:
Services:
DB:
# We recommend the MariaDB image
image: mariadb:11.4
# If you want to use MySQL, uncomment the following line (and comment the one above)
#image: mysql:8.0.37
command: '--default-authentication-plugin=mysql_native_password'
volumes:
- db_data:/var/lib/mysql
restart: always
environment:
- MYSQL_ROOT_PASSWORD=mosparo_root_pw
- MYSQL_DATABASE=mosparo
- MYSQL_USER=mosparo
- MYSQL_PASSWORD=mosparo_password
expose:
- 3306
- 33060
mosparo_web:
image: mosparo/mosparo-unprivileged:latest
ports:
- 8080:8080
restart: always
environment:
- MOSPARO_RUN_NGINX=1
- MOSPARO_RUN_PHP_FPM=1
- MOSPARO_CONFIG_FILE_PATH=/mosparo-config/env.mosparo.php
#- MOSPARO_CLEANUP_GRACE_PERIOD_ENABLED=1
Volumes:
- mosparo_config:/mosparo-config
- mosparo_public_resources:/mosparo/public/resources
- mosparo_var:/mosparo/var
volumes:
db_data:
mosparo_config:
mosparo_public_resources:
mosparo_var:
After you created the file with the content above, open a terminal. Navigate to your newly created directory and run the following command to create and start the containers:
docker-compose up -d
You should see that the images get downloaded and the containers get created.
After some time, the work should be completed, and the mosparo container should be created. The mosparo container is now installed.
You should be able to access mosparo when you enter 127.0.0.1:8080 in your browser.
For security reasons, you should not make port 8080 of the mosparo image publicly available. Instead, you must set up a reverse proxy. For this, see reverse proxy.
Instead of using the Docker Compose method, you can create the container directly with the image. For this, run the following command:
docker run -p 127.0.0.1:8080:8080 -d mosparo/mosparo-unprivileged
The image will be downloaded, and the container will be created. If you want to use a dockerized MySQL database, you have to link the mosparo container to this MySQL server.
docker run –link mysql-server -p 127.0.0.1:8080:8080 -d mosparo/mosparo-unprivileged
You should be able to access mosparo when you enter 127.0.0.1:8080 in your browser.
For security reasons, you should not make port 8080 of the mosparo image publicly available. Instead, you must set up a reverse proxy. For this, see reverse proxy.
mosparo stores the configuration of mosparo in a PHP file as if you install it normally, so you cannot set the configuration by using environment variables.
But there are some additional environment variables which you can use to change the behavior of the Docker image:
| Name | Default | Description |
|---|---|---|
| MOSPARO_RUN_NGINX | 1 | Allows to enable or disable the webserver in the mosparo image |
| MOSPARO_RUN_PHP_FPM | 1 | Allows to enable or disable the cron jobs in the mosparo image |
| MOSPARO_UPDATES_ENABLED | 0 | Enables or disables the updates inside mosparo. This should be disabled all the time in a Docker container since updating mosparo in a Docker environment should be happen by updating the image |
| TRUSTED_PROXIES | 127.0.0.1,REMOTE_ADDR | Defines which proxies mosparo should trust. The default settings allow all proxies. This is why you need a reverse proxy in front of mosparo and should not expose it to the public directly. |
| MOSPARO_CONFIG_FILE_PATH | undefined | Specifies the absolute path to the configuration file, for example, /mosparo-config/env.mosparo.php. |
Learn more about the environment variables in the official mosparo documentation.
Since the image does not contain any cron daemon, you must configure the cron job yourself. If you use Kubernetes, you can use Kubernetes cron jobs.
Otherwise, you can use another image to execute the mosparo cron jobs or you can execute them from the host (https://documentation.mosparo.io/docs/installation/configure/cron_jobs).
mosparo also offers a web cron job which you can execute by web request. You can use an external service or an additional image to call the web cron job (https://documentation.mosparo.io/docs/installation/configure/cron_jobs#web-cron-job).
Content type
Image
Digest
sha256:10adc7b84…
Size
240.2 MB
Last updated
4 days ago
docker pull mosparo/mosparo-unprivileged