open-appsec only detects but never blocks

openappsec / open-appsec-npm

Docker container for managing Nginx proxy hosts with a simple, powerful interface including open-appsec support

MIT License

59 stars 4 forks source link

open-appsec only detects but never blocks #32

Open stathismes opened 2 days ago

stathismes commented 2 days ago

I'm using nginx proxy manager integrated with the open appsec but what i can see all the attempts aren't getting blocked by open appsec, the security action only on detect state and not block even i already change the enforcement mode to prevent-learn. Refer screenshot below. What can I change to make the WAF block on any security attempt.

orianelou commented 16 hours ago

Hi @stathismes,

Can you please attach the following:

Docker Compose being used
NGINX Proxy Manager host configuration
open-appsec local policy (can be copied from NGINX Proxy Manager advanced tab).

Best,

the open-appsec team