This is a general query of interest for implementing ModSecurity v3 (Libmodsecurity) for the public facing NGINX web server that sits in front of all other services.
Among other capabilities, this would make it possible to provide a Web Application Firewall (WAF) that implements the basic OWASP ruleset that can inspect and react to traffic on the decrypted side of the SSL certificate termination.
This came up as a concern due to the amount of attacks and attack patterns I see hit my matrix instance that would be blocked by a WAF.
natecovington
commented
2 years ago
This is a general query of interest for implementing ModSecurity v3 (Libmodsecurity) for the public facing NGINX web server that sits in front of all other services.
Among other capabilities, this would make it possible to provide a Web Application Firewall (WAF) that implements the basic OWASP ruleset that can inspect and react to traffic on the decrypted side of the SSL certificate termination.
This came up as a concern due to the amount of attacks and attack patterns I see hit my matrix instance that would be blocked by a WAF.