FROM wordpress:latest

# Allow unverified packages
RUN echo 'APT::Get::AllowUnauthenticated "true";' > /etc/apt/apt.conf.d/99allow-unauth

# Remove current Apache and clean
RUN apt-get remove -y apache2 apache2-bin apache2-data apache2-utils \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

# Replace sources with Debian snapshot
RUN rm -f /etc/apt/sources.list.d/* /etc/apt/sources.list
COPY challenge-custom/sources.list /etc/apt/sources.list

# Install Apache from snapshot
RUN apt-get -o Acquire::Check-Valid-Until=false update \
    && apt-get --allow-unauthenticated install -y \
    apache2 apache2-bin apache2-utils ssl-cert \
    && rm -rf /var/lib/apt/lists/*

# Copy Apache configuration
COPY challenge-custom/000-default.conf /etc/apache2/sites-available/000-default.conf

COPY  --chown=www-data:www-data challenge-custom/super-malware-scanner.php /usr/src/wordpress/wp-content/mu-plugins/super-malware-scanner.php

