GLad-operating-system
commented
1 year ago I am a student from China, majored in CS. I saw this project and want to base on this one to finish my graduate project. And I may solve your problem. I suppose you should check your config, because in my testing , the program can recognize the malicious requests. You need to make sure that the port is the same in the both of configs, and don't set dvwa in the ProxyPass. It will make the WAF ignoring the path. But I got another issue you can see it above, hope you can help me to solve the problem.
Hi, I'm a french student in IT and for a practical work in cybersecurity I need to install a WAF for block SQL injection on DVWA and grad secure seems to be a good one. But it doesnt work ... I installed and configured like you write on the README file with the same port for grad_secure but when I had run DVWA on port 80 and I do my sql injection nothing changed, nothing blocked. I already restarted apache2 etc ... but maybe I need to do something else ? I'm on ubuntu 22.04.
TY and BR !