corazawaf / coraza-caddy

OWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities
https://www.coraza.io/
Apache License 2.0
330 stars 41 forks

Coraza doesn't seem to read new rules on caddy reload #11

Closed sebypp closed 1 year ago

sebypp commented 2 years ago

Hi,

I've been playing with the coraza caddy module and discovered that if new rules are added under the CRS directory, issuing systemctl reload caddy is not enough to update the configuration. To make it work you need systemctl restart caddy.

Is this intended?

Thx!

jptosso commented 2 years ago

Reload is a caddy feature; technically Coraza is not aware of reloading. Could you provide the package you are using, or your daemon settings?

jptosso commented 1 year ago

In the following example I demonstrate that reload is working:

ubuntu@ip-172-xxx-xxx-xxx:~/tosso.io$ docker exec -w /etc/caddy $caddy_container_id caddy reload
{"level":"info","ts":1689338814.9287016,"msg":"using adjacent Caddyfile"}

I added the following rule: SecRule REQUEST_URI "/test5" "id:123,phase:1,log,deny,status:444"

Then we curl and we get status 444:

ubuntu@ip-172-xxx-xxx-xxx:~/tosso.io$ curl https://tosso.io/test5 -v
...
< HTTP/2 444 
< alt-svc: h3=":443"; ma=2592000
< server: coraza
< strict-transport-security: max-age=31536000;
< x-content-type-options: nosniff
< x-frame-options: DENY
< content-length: 0
< date: Fri, 14 Jul 2023 12:49:16 GMT
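The check behind the exchange above, as an added example that is not part of the issue thread or of the coraza-caddy project: append the rule from the thread to a rules file, ask Caddy to reload, and then confirm with curl that the new rule is actually enforced (status 444) instead of assuming the reload picked it up. The rules file path, the Caddyfile path and the target URL are assumptions, overridable through environment variables; `extract_status` parses the same `< HTTP/2 444` line format that curl -v printed in the thread.

```shell
#!/bin/sh
# Added example (not from the issue thread or the coraza-caddy project):
# append a Coraza rule, reload Caddy, and verify the rule is enforced.
set -eu

RULES_FILE="${RULES_FILE:-/etc/caddy/coraza/custom.conf}"  # assumed: a rules file included by the Caddyfile
CADDYFILE="${CADDYFILE:-/etc/caddy/Caddyfile}"             # assumed: Caddyfile location
TARGET="${TARGET:-https://localhost/test5}"                # assumed: URL matching the rule below

# Rule taken from the thread: deny /test5 in phase 1 with status 444.
RULE='SecRule REQUEST_URI "/test5" "id:123,phase:1,log,deny,status:444"'

# Read verbose curl output on stdin and print the last HTTP status code seen,
# e.g. "< HTTP/2 444 " -> "444". Prints nothing if no status line is present.
extract_status() {
    sed -n 's/^< HTTP\/[0-9.]* \([0-9][0-9][0-9]\).*/\1/p' | tail -n 1
}

# Request TARGET and print only its status code; "000" if the request failed.
probe_status() {
    status=$(curl -sk -v -o /dev/null "$1" 2>&1 | extract_status)
    printf '%s' "${status:-000}"
}

# Append the rule unless a rule with this id is already present (idempotent re-runs).
add_rule() {
    grep -qF 'id:123,' "$RULES_FILE" 2>/dev/null || printf '%s\n' "$RULE" >> "$RULES_FILE"
}

# Compare the status before and after the reload; succeed only on the expected 444.
verify_reload() {
    before=$(probe_status "$TARGET")
    add_rule
    caddy reload --config "$CADDYFILE"
    after=$(probe_status "$TARGET")
    if [ "$after" = "444" ]; then
        echo "reload applied the new rule: $before -> $after"
        return 0
    fi
    echo "reload did NOT apply the rule: $before -> $after (restart caddy and re-check)" >&2
    return 1
}

# The live check runs only when invoked as "sh verify-reload.sh run";
# sourcing the file merely defines the functions.
if [ "${1:-}" = "run" ]; then
    verify_reload
fi
```

Run it as `sh verify-reload.sh run` on the host that serves the site. A result other than 444 after the reload reproduces the reporter's situation, and the rollback to `systemctl restart caddy` is then a deliberate, verified step rather than a guess.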