spoa-modsecurity
spoa-modsecurity copied to clipboard
haproxy
Example of a simple wrapper around the ModSecurity v2 WAF for use with HAProxy's SPOE filtering
Hi! I'm using modsecurity v2.94 version and using your great code. But i meet problem when i try to make a simple modsec rules. SecRule REQUEST_URI "@contains dangerous" "id:12345,phase:1,deny,setvar:TX.dangerous=1,status:403,msg:'URL contains...
As mentioned here (https://github.com/jcmoraisjr/modsecurity-spoa/issues/6) This seems to be the line logging this information: https://github.com/haproxy/spoa-modsecurity/blob/3c895f3e7dd291dba19d57ba054b277e6fb80ca4/spoa.c#L1247 Would be great if we can offer a switch to control logging of this information.
Hello, So in your readme, you say that modsecurity must be compiled in standalone mode. However I wish to know the SPO agent, how is this compiled? Is this included...
Looks like the log message for when modsecurity fails to load the configuration is not being included in the error message: https://github.com/haproxy/spoa-modsecurity/blob/3c895f3e7dd291dba19d57ba054b277e6fb80ca4/modsec_wrapper.c#L153-L156 So if you have a syntax error in...
Looks like if an SPOP request to modsecurity exceeds the `timeout processing`, the request will be allowed to proceed. Is there some way of configuring HAProxy to "fail closed" when...
When using spoa on Haproxy the modproxy logs keep showing that the connected client is the haproxy itself (which in my case is 127.0.0.1, as I run the agent on...
Trying to install on Oracle Linux 9.4 So installed modsecurity from https://www.modsecurity.org/tarball/2.9.1/modsecurity-2.9.1.tar.gz Its installed and the build file finished successfully. but ./modsecurity -h returned no such file Also cannot figure...
