caswaf
caswaf copied to clipboard
[feature] add rule feature
Rule should be added to CasWAF as first-class object (Go struct, CURD, list page, edit page, etc.)
Rule contains two parts: condition and an action.
Condition can be:
- Always true
- WAF rule matched
- IP whitelist/blacklist
- UA whitelist/blacklist
- Composite conditions like
requestUrl.startsWith("/attack") && method == "POST || WAF rule matched"
Action can be:
- Pass or Block
- Log or Not-log
- Requires login (via Casdoor: https://casdoor.org/ )
- Requires captcha (via Casdoor captcha provider: https://casdoor.org/docs/category/captcha/ )