-
Hey,
I seem to have an issue where the plugin seems to ignore IP addresses that I add to actl:ruleEngine=off rule
```
SecRule REMOTE_ADDR "@ipMatch co.oo.l.ip,127.0.0.1, etc" \
"id:1000100,…
-
Caddy v2.8.4 crashes periodically. At the moment twice a day. Not running a lot of traffic. Have to restart to get it up and running again. Didn't find any reports for this error in this version or an…
-
## Summary
Two new functions are expected, isSqli and isXss,functions with no log but more speed
### Basic example
```
cfg := coraza.NewWAFConfig().
WithRootFS(coreruleset.FS).
WithDire…
-
### Description
We see in the gateway document that apisix has "can protect API from the attack of malicious attack media such as SQL injection, DDOS attack and XSS", may I ask how to prevent SQL inj…
-
## Cilium Feature Proposal - Optionally create ciliumenvoyconfig for gateway resource to allow for custom config.
**Is your proposed feature related to a problem?**
Yes.
We right now h…
-
Hi,
building caddy with xcaddy build --with github.com/corazawaf/coraza-caddy@master and using handler before a reverse_proxy I find a lot of these warnings on all the configured domains.
This i…
-
I'm getting the following line in my logs when I access my sites:
```
{"level":"warn","ts":1686448129.858539,"logger":"http.handlers.waf","msg":"failed to parse server name","tx_id":"_____________…
-
## Summary
I've recently realized that we don't have Coraza correctly configured to buffer request responses, but its taken quite a bit of fiddly debugging since the issue was only happening infreq…
-
In most WAF implementations, we can set up monitor-only or count-only mode while still allowing access to the upstream services.
This stage is one of the important steps when rollouts WAF, at least…
-
*Title*: *Envoy WASM extensions in the present and its future (Proxy-Wasm)*
*Description*:
Envoy current supports WASM extensions via the [WASM filter](https://www.envoyproxy.io/docs/envoy/v1.31…