
Feature Request: GitLab Plugin

Open sempervictus opened this issue 1 year ago • 5 comments

Seems GitLab is fairly prone to false positives with ModSecurity and the whack-a-mole exclusion process is a bit onerous/may exclude valid rules. Wondering if anyone's got a CRS plugin in the works for "on-prem" GitLab setups (in our case, V2+Apache).

sempervictus, Jun 23 '24 05:06

@sempervictus Hi. Probably no but we may create one if you are willing to help - mainly providing logs and testing. What do you think?

azurit, Jun 23 '24 08:06

@sempervictus I've been thinking about playing with GitLab and writing a plugin for it, I haven't really decided if I'll go through with it or not. Although I'm not sure who should maintain the plugins (Myself, CRS, or a 3rd party), I already maintain 3 plugins myself and I'm not sure I can maintain 4 with reasonable quality.

EsadCetiner, Jun 29 '24 15:06

I'm able to maintain it but I don't use it so I can't write it only by myself - I need, at least, logs and testing.

azurit, Jun 29 '24 16:06

I'm not the heaviest user so won't cover all the APIs but if there's some smoke test set we could execute, it should give us a baseline. Can set up a test instance if needed in our private clouds and provide access for devs.

sempervictus, Jun 29 '24 20:06

@sempervictus No need to cover it all, we can start with your use-case. Can you provide us with logs of blocked requests?

azurit, Jun 29 '24 20:06