-
# Monthly Chat Agenda September 2023 (2023-09-04 and 2023-09-18)
This is the Agenda for the two Monthly CRS Chats.
The general chat is going to happen on https://owasp.slack.com in the channel #…
-
Hi,
I am successfully using te coraza waf. However I see this log lines, and I have no idea where to start as it not clear what is producing the warning. Any pointers would be helpful to reduce log…
-
If coraza-caddy is enabled, Caddy responds with 500 to unauthenticated requests on paths that require `basicauth`.
Here's my stripped-down Caddyfile.
``` ini
{
order coraza_waf first
log …
-
Hi there,
I'm receiving the following error:
```log
│ 2023-10-12T06:07:26.021556Z error envoy wasm external/envoy/source/extensions/common/wasm/context.cc:1154 wasm log: GC Warning: Fa…
-
Hello,
According to existing docs, coraza-spoa should return "1" for a verdict that will be denied. Verdicts that are blocked by the crs ruleset yield a "-" however. It does return "0" on a clean …
-
Hey there, thank you for aiming to replace Trustwave ModSecurity. I have been following the instruction to setup coraza-spoa with haproxy and finally got it running. I am not seeing it block however.
…
-
First of all, thank you very much for the project !
# The context
I installed coraza-caddy and included coreruleset following the Readme. Everything seems to work as expected.
I am trying to cr…
-
## Background
We have a memory leak (https://github.com/kubernetes/ingress-nginx/issues/8166) that is hard to debug. Two new releases are available, 1.3 and 1.4
- 1.3 is the safest choice, should be…
-
### Description
The `REQUEST-920-PROTOCOL-ENFORCEMENT.conf` ruleset does not appear to be aware of `HTTP/3`.
### How to reproduce the misbehavior (-> curl call)
I simply deployed https://gith…
-
Hi,
You may have noticed that I am actively testing the module before utilizing it in production (kudos for the excellent work, by the way 😄 ). During my recent tests, I observed that in both versi…