-
We want to write a scanner & parser in Go to parse the CRS rules so we can process these rules in Go (this is our goal). I noticed there are lex and yacc files: `seclang-scanner.ll` and `seclang-parse…
-
I submitted a couple of enhancements to the sample configuration which I would find useful, when using coraza-spoa for the first time!
- https://github.com/corazawaf/coraza-spoa/pull/8
- https://g…
-
Hello!
The Modsec project is EOL: https://www.trustwave.com/en-us/resources/security-resources/software-updates/end-of-sale-and-trustwave-support-for-modsecurity-web-application-firewall/
But th…
-
Now, in the coraza, if we have the below rule like this:
```
SecRule ARGS:Test1 "123" "id:3,phase:1,log,deny"
```
And, if we have the below request like this:
```
GET /test?Test1=123 HTTP/1.1
…
-
## Description
I reproduced this issue with libcoraza. When I call the function `coraza_intervention()`, and the `SecRuleEngine` has set to `DetectionOnly`, then function returns NULL (nil).
###…
-
When testing the service locally, manual refresh often has detection failures
-
When sending a request without query arguments, coraza-spoa will by default [log it as an error](https://github.com/corazawaf/coraza-spoa/blob/11c9415375c76d9edfd43d711f2f9cfc890abe5d/internal/request…
-
In the ```mime/multipart.go``` file, the ```(*Part).FileName``` returns the filename parameter of the Part's Content-Disposition header. If not empty, the filename is passed through ```filepath.Base``…
-
- **Date:** _Wednesday, April 27 at 12 p.m. UTC_
- **Previous agenda:** https://github.com/corazawaf/coraza/issues/180
### Current agenda
1. Project status
2. CRS compatibility status
3. Lua su…
-
- **Date:** _Wednesday, March 30 at 12 p.m. UTC_
- **Previous agenda:** https://github.com/corazawaf/coraza/issues/162
### Current agenda
1. Project status
2. Pending Feb topics
1. Gift on …