How does apisix integrate coraza-proxy-wasm？

[githubxubin]

Description

Currently, I need to use apisix's sql injection and xss capabilities, I tried to integrate coraza-proxy-wasm, but failed, here is my operation and configuration！ referer link:https://docs.api7.ai/apisix/how-to-guide/security/waf/integrate-with-coraza step 1: All configurations are configured according to the document step 2: I failed to add a route on the dashboard page.

{
    "uri": "/test/*",
    "name": "coraza测试",
    "groupId": "1",
    "openId": "",
    "priority": 1,
    "methods": [
        "GET",
        "POST",
        "PUT",
        "DELETE",
        "PATCH",
        "HEAD",
        "OPTIONS"
    ],
    "plugins": {
        "coraza-filter": {
            "conf": {
                "directives_map": {
                    "default": [
                        "SecDebugLogLevel 9",
                        "SecRuleEngine On",
                        "Include @crs-setup-conf",
                        "Include @owasp_crs/*.conf"
                    ]
                },
                "default_directives": "default"
            }
        }
    },
    "upstream": {
        "nodes": [
            {
                "host": "10.210.21.105",
                "port": 1001,
                "weight": 1
            }
        ],
        "retries": 0,
        "timeout": {
            "connect": 6,
            "send": 6,
            "read": 6
        },
        "type": "roundrobin",
        "scheme": "http",
        "discovery_args": {
            "group_name": "",
            "namespace_id": ""
        },
        "pass_host": "pass",
        "keepalive_pool": {
            "idle_timeout": 60,
            "requests": 1000,
            "size": 320
        }
    },
    "status": 1
}

Save failed！ the error is: Whether it is a version problem: apisix version: 3.2/release dashboard version:3.0

Environment

• APISIX version (run apisix version):3.2 apisix
• Operating system (run uname -a):
• OpenResty / Nginx version (run openresty -V or nginx -V):
• etcd version, if relevant (run curl http://127.0.0.1:9090/v1/server_info):
• APISIX Dashboard version, if relevant:
• Plugin runner version, for issues related to plugin runners:
• LuaRocks version, for installation issues (run luarocks --version):

[githubxubin]

@shreemaan-abhishek

[sheharyaar]

Did you setup the wasm and it's config in the yaml correctly?

[githubxubin]

Did you setup the wasm and it's config in the yaml correctly?

Yes the configuration is correct, here is my config configuration, and wasm in the container

config:

wasm:
  plugins:
    - name: coraza-filter
      priority: 7999
      file: /usr/local/bin/coraza-proxy-wasm.wasm

Inside the apisix container：

My version 3.2/release does support this feature？tks

[sheharyaar]

apisix is running in the same container, right ?

[kayx23]

apisix version: 3.2

Might be the version. I don't recall coraza was available in 3.2. If you can afford to upgrade, try 3.6.

[githubxubin]

apisix version: 3.2

Might be the version. I don't recall coraza was available in 3.2. If you can afford to upgrade, try 3.6.

It costs too much to upgrade the version, could you please help confirm it？tks

[kayx23]

@githubxubin >=3.6 confirmed.

[githubxubin]

@githubxubin >=3.6 confirmed.

okey!