-
Hi,
You may have noticed that I am actively testing the module before utilizing it in production (kudos for the excellent work, by the way 😄 ). During my recent tests, I observed that in both versi…
-
with example envoy configuration, I try to call endpoint covered by `default_directive` 3 times and endpoint covered by `per_authority_directives` 2 times.
In this code https://github.com/corazawaf…
-
how to fix below error?
```
Error: adapting config using caddyfile: parsing caddyfile tokens for 'coraza_waf': Caddyfile:136 - Error during parsing: invalid key for filter
directive: load_owasp_cr…
-
This is the Agenda for the two Monthly CRS Chats.
The general chat is going to happen on https://owasp.slack.com in the channel #coreruleset on Monday, 2023-05-01, at 20:30 CET. That's the 1st Mond…
-
This is the Agenda for the two Monthly CRS Chats.
The general chat is going to happen on https://owasp.slack.com in the channel #coreruleset on Monday, 2023-06-05, at 20:30 CET. That's the 1st Mond…
-
```
SecRule RESPONSE_BODY "@rx ^#\!\s?/" \
"id:950140,\
phase:4,\
block,\
capture,\
t:none,\
msg:'CGI source code leakage',\
logdata:'Matched Data: %{TX.0} found wi…
-
## Summary
Modsecurity once intended to allow direct audit log writting to different backends (via network). Redis would be an interesting choice for shipping logs directly, skipping the need for loc…
-
we run waf test but there was a problem with the whitelist rule they couldn't find any instructions on how to do this, in the logging section I also don't find information about the log it only has th…
-
## Description
The issue is same as https://github.com/SpiderLabs/ModSecurity/issues/2423.
For CRS rule 920450 https://github.com/coreruleset/coreruleset/blob/v4.0/dev/rules/REQUEST-920-PROTOCOL-E…
-
## Description
Thank you for providing a wonderful WAF WASM filter.
I'm applying coraza wasm filter on my Istio/envoy ingress-gateway and getting the following error:
- Error log (envoy proxy)…