-
Hello,
I have one an only web frontend, dispatching requests to multiple backends through a host maps:
```
# haproxy.cfg
frontend fe_web
bind :80
bind :443 ssl crt /path/to/cert.pem
…
-
## Description
Coraza does not correctly parse regex arguments in `SecRule`. Let's consider a rule:
```apache
SecRule ARGS|!ARGS:/um_options\[/|!ARGS:um_options[checkmail_email] "@rx \x22|
-
`Error: loading initial config: loading new config: loading http app module: provision http: server srv0: setting up route handlers: route 0: loading handler modules: position 0: loading module 'waf':…
-
We are evaluating Coraza WAF and have observed significant performance degradation when processing larger request bodies. Specifically, starting from a request body size of around 200 bytes, Coraza’s …
-
I am currently trying to implement the coraza plugin into traefik, which sits behind a cloudflare tunnel for external access.
As soon as I activate the middleware for the services traefik starts us…
-
I am unable to use `Include @coraza.conf-recommended` because setting `SecRequestBodyAccess On` seems to break all POST requests and they return error 500 and some gibberish response.
Testing with …
-
## Summary
We would like to request support for the `TIME` variable and other time-related variables (`TIME_DAY`, `TIME_EPOCH`, etc.) in Coraza WAF. These variables are critical for logging and rul…
-
### The following program `sample.go` triggers an unexpected result
```go
package main
// yaegi:tags purego
import (
"fmt"
"github.com/corazawaf/coraza/v3"
)
func main()…
-
## Description
In Deny mode the WAF seems to correctly handle the `allow` action, and after triggering an `allow` rule other rules in the same and subsequent phases are ignored and not triggered. I…
-
https://github.com/traefik/traefik/issues/10739