-
### What's needed and why?
Hi, could it be possible to get a feature to include the new [https://coreruleset.org/docs/concepts/plugins/#how-to-install-a-plugin plugins](https://coreruleset.org/docs/c…
-
I wanted to include mod-security ruleset in the WAF (Nginx) of my OPNsense firewall for OWASP Top 10 Security risks.
Any idea or reference on how to do it ??
-
Hi team:
will opensearch support rules similar to OWASP coreruleset to detect abonormal http request.
-
OWASP provide an official ModSecurity CRS container - https://github.com/coreruleset/modsecurity-crs-docker . It would be fantastic to have a coraza-crs-docker take its place.
I'm using this in the…
-
**Is your feature request related to a problem? Please describe.**
WAF users want to upgrade to more recent CoreRuleSet versions, without waiting for a Gloo Edge product version update. This is espec…
-
I am using caddy as https reverse proxy with coraza. my app streams response. w/o coraza I see page rendered gradually. with coraza I get whole page after delay. Even with empty coraza config it is …
-
### Description
I am using Coraza as module in Caddy with below directives:
```
Include @coraza.conf-recommended
Include @crs-setup.conf.example
Include @owasp_crs/*.conf
SecRuleEngine…
-
We found out that after upgrading to 1.9.6 there was a big hit in reading ~~ 270 files. After doing some version comparisions, the problem seems to be introduced in v1.9.3.
```
❯ go get -u github.co…
fzipi updated
3 months ago
-
```
$ curl -H "x-format-output: txt-matched-rules" http://sandbox.coreruleset.org/ -d 'foo=console.log(msg)'
-- no output --
$ curl -H "x-format-output: txt-matched-rules" http://sandbox.corerule…
-
### Describe the bug
In https://github.com/coreruleset/coreruleset/pull/3742 a handful of new rules have been introduced to skip response body inspection if the response is compressed. For response…