-
## Summary
I've recently realized that we don't have Coraza correctly configured to buffer request responses, but its taken quite a bit of fiddly debugging since the issue was only happening infreq…
-
## Description
I'm running the WAF v3.0.4 via the [http middleware](https://github.com/corazawaf/coraza/blob/main/http/middleware.go) in `DetectionOnly` mode, using the [coraza packaged core rulese…
-
Hi,
We have kong version 0.14.1 based on the below images:
https://github.com/Kong/docker-kong/tree/master/ubuntu
I'm wondering how can I implement **Modsecurity** WAF on top of Kong's **OpenRe…
-
### Describe the bug
When i put a rule with ctl:ruleRemoveTargetById range, the rules still blocking for the ARGS.
### Steps to reproduce
With a rule
SecRule REQUEST_URI "URL" \
"id…
-
Running into an issue where running `aws waf list-web-acls` returns nothing even though we have a WAF setup under one of the regions:
`{
"WebACLs": []
}`
-
Following the instructions here:
https://github.com/ioos/registry/wiki/Hosting-Your-Own-WAF
I tried harvesting ISO metadata from the SIO HFR catalogs using this script, where I used a custom (upd…
-
1. Create WAF using CLI and make note of ID
- `java -jar tfcli.jar --create-waf testWaf mod_security`
2. Search for WAF that was just created using the following CLI command.
- `java -jar tfcli.…