rholden3 closed 1 year ago
Hey, sorry for the late response! Make sure coraza.conf-recommended has SecRuleEngine On instead of DetectOnly.
@rholden3 Were you able to add @jptosso's recommendation? Did it work for you?
Unfortunately, I had to move on to other things as we are looking to use a vendor WAF functionality that it turns out we already have.
When I attempt to test Coraza with GoTestWAF, the WAF block check fails and I am unable to perform a successful test.
Caddyfile:
Error running GotestWAF:
ERRO[0000] caught error in main function error="WAF was not detected. Please use the '--blockStatusCodes' or '--blockRegex' flags. Use '--help' for additional info. Baseline attack status code: 200"
If I run with flag --skipWAFBlockCheck the test fails so it's clear that GotestWAF needs to be told what actual blocking looks like. According to GotestWAF documentation, I can use either of these arguments to detect the WAF blocking
Please help me determine how I can best go about this to get a successful POC
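One way to check the SecRuleEngine recommendation from the comments before rerunning GoTestWAF, as an added example that is not part of the thread or of the Coraza project: the script reports which SecRuleEngine value takes effect in a directives file. It assumes directives are applied in file order (so the last uncommented one wins), it inspects a single file without following Include lines, and the sample files are constructed stand-ins for coraza.conf-recommended.

```shell
#!/bin/sh
# Added example (not from the Coraza project): report which SecRuleEngine
# mode takes effect in a single directives file. Include lines are not followed.

# Print the value of the last uncommented SecRuleEngine directive, or "unset".
# Assumption: directives are applied in file order, so the last one wins.
effective_rule_engine() {
    awk '
        { sub(/\r$/, "") }                    # tolerate CRLF line endings
        /^[ \t]*#/ { next }                   # ignore commented-out directives
        tolower($1) == "secruleengine" { mode = $2 }
        END { print (mode == "" ? "unset" : mode) }
    ' "$1"
}

# Succeed only when the effective mode blocks requests (value "On").
is_blocking() {
    mode=$(effective_rule_engine "$1" | tr '[:upper:]' '[:lower:]')
    [ "$mode" = "on" ]
}

# Constructed sample files standing in for coraza.conf-recommended.
sample_dir=$(mktemp -d)
printf '%s\n' '# SecRuleEngine On' 'SecRuleEngine DetectionOnly' \
    'SecRequestBodyAccess On' > "$sample_dir/detect.conf"
printf '%s\n' 'SecRuleEngine DetectionOnly' 'SecRequestBodyAccess On' \
    '  SecRuleEngine On' > "$sample_dir/block.conf"

for f in "$sample_dir/detect.conf" "$sample_dir/block.conf"; do
    if is_blocking "$f"; then
        echo "$f: blocking (SecRuleEngine $(effective_rule_engine "$f"))"
    else
        echo "$f: NOT blocking (SecRuleEngine $(effective_rule_engine "$f"))"
    fi
done
```

A file that reports anything other than On will let the baseline attack request through, which is consistent with the "Baseline attack status code: 200" in the error above.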