coraza-caddy
OWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities.
Coraza WAF Caddy Module
OWASP Coraza Caddy Module provides Web Application Firewall capabilities for Caddy.
OWASP Coraza WAF is 100% compatible with the OWASP Core Rule Set and ModSecurity syntax.
Plugin syntax
coraza_waf {
    directives `
        SecAction "id:1,pass,log"
    `
    include /path/to/config.conf
}
Sample usage:
Important: "order coraza_waf first" must always be included in your Caddyfile for the Coraza module to work.
{
    order coraza_waf first
}

http://127.0.0.1:8080 {
    coraza_waf {
        directives `
            SecAction "id:1,pass,log"
            SecRule REQUEST_URI "/test5" "id:2, deny, log, phase:1"
            SecRule REQUEST_URI "/test6" "id:4, deny, log, phase:3"
        `
        include file1.conf
        include file2.conf
        include /some/path/*.conf
    }
    reverse_proxy http://192.168.1.15:8080
}
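A pre-deployment check for the ordering requirement above, as an added example that is not part of the coraza-caddy project: it fails when a Caddyfile uses coraza_waf but its global options block lacks "order coraza_waf first". The function name check_coraza_order is hypothetical, and the parse is a simplified line-based one that assumes one directive per line with braces at line ends and does not follow Caddyfile imports.

```shell
# check_coraza_order FILE: exit 0 if FILE does not use coraza_waf, or uses it
# and the global options block holds "order coraza_waf first"; otherwise exit 1.
check_coraza_order() {
    awk '
    {
        line = $0
        sub(/^[ \t]+/, "", line); sub(/[ \t]+$/, "", line)
        # Backtick strings (the directives payload) can span lines and contain
        # braces or "#", so skip every line that starts inside one.
        started_inside = in_bt
        if (gsub(/`/, "`", line) % 2 == 1) in_bt = !in_bt
        if (started_inside || line == "" || line ~ /^#/) next
        if (!seen_first) {
            seen_first = 1
            # A bare "{" as the first token opens the global options block.
            if (line == "{") { in_global = 1; depth = 1; next }
        }
        if (in_global) {
            if (line ~ /^order[ \t]+coraza_waf[ \t]+first$/) ordered = 1
            if (line ~ /[{]$/) depth++; if (line == "}") depth--
            if (depth == 0) in_global = 0
            next
        }
        split(line, f, /[ \t]+/)
        if (f[1] == "coraza_waf") used = 1
    }
    END {
        if (used && !ordered) { print "coraza_waf used without \"order coraza_waf first\"" > "/dev/stderr"; exit 1 }
    }' "$1"
}
# Constructed samples: a cut-down copy of the Caddyfile above, with and without the global options block.
demo_dir=$(mktemp -d)
cat > "$demo_dir/good.Caddyfile" <<'EOF'
{
    order coraza_waf first
}
http://127.0.0.1:8080 {
    coraza_waf {
        directives `
            SecRule REQUEST_URI "/test5" "id:2, deny, log, phase:1"
        `
    }
}
EOF
sed '1,3d' "$demo_dir/good.Caddyfile" > "$demo_dir/bad.Caddyfile"
for f in good bad; do
    if check_coraza_order "$demo_dir/$f.Caddyfile"; then echo "$f: ok"; else echo "$f: missing order"; fi
done
```

Run it in CI against the Caddyfile you deploy, before reloading Caddy.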
Build Caddy with Coraza WAF
Run:
xcaddy build --with github.com/corazawaf/coraza-caddy
Testing
You may run the test suite by executing:
$ git clone https://github.com/corazawaf/coraza-caddy
$ cd coraza-caddy
$ go test ./...
Using OWASP Core Ruleset
Clone the coreruleset repository and download the default Coraza configuration from the Coraza repository, then add the following to your coraza_waf directive:
include caddypath/coraza.conf-recommended
include caddypath/coreruleset/crs-setup.conf.example
include caddypath/coreruleset/rules/*.conf