Closed vncloudsco closed 1 year ago
Here log detail
Nov 10 15:31:08 caddy caddy[53627]: Error: loading initial config: loading new config: loading http app module: provision http: server srv0: setting up route handlers: route 0: loading handler modules: position 0: loading module 'subroute': provision http.handlers.subroute: setting up subroutes: route 0: loading handler modules: position 0: loading module 'waf': provision http.handlers.waf: failed to compile rule (unknown variable): &MULTIPART_PART_HEADERS:_charset_ "!@eq 0" "id:922100,phase:2,block,t:none,msg:'Multipart content type global _charset_ definition is not allowed by policy',logdata:'Matched Data: %{ARGS._charset_}',tag:'application-multi',tag:'language-multi',tag:'platform-multi',tag:'attack-multipart-header',tag:'OWASP_CRS',tag:'capec/1000/255/153',tag:'paranoia-level/1',ver:'OWASP_CRS/4.0.0-rc1',severity:'CRITICAL',chain"
I fixed it by removing the REQUEST-922-MULTIPART-ATTACK.conf rule
Hey! I will try to update coraza-caddy to the latest version of Coraza, which fixes this issue, today.
I built the source code as specified
xcaddy build --with github.com/corazawaf/coraza-caddy
however then I get the following incorrect configuration error
here is my config file
version info I'm using