José Carlos Chávez
José Carlos Chávez
## Summary From @fzipi: This should be valid ctl syntax: `ctl:ruleRemoveTargetById=123456;ARGS:/^mycookie_/` It doesn't work on ModSecurity: longstanding unfixed issues https://github.com/SpiderLabs/ModSecurity/issues/717 and https://github.com/SpiderLabs/ModSecurity/issues/911 ### Motivation More args can be covered in...
Fixes #922. cc @UnveilTech
Right now there is no trivial way of connecting audit logs or debug logs (properly coraza logs) with the underlying requests or their consequent proxy logs (e.g. envoy logs). transaction...
- [ ] https://github.com/corazawaf/coraza/issues/809
## Description Over the last months we have been receiving issues from users that involve log output in different parts of the library and connectors. For example: - https://github.com/corazawaf/coraza-caddy/issues/87 -...
Follows from https://github.com/corazawaf/coraza/pull/812#issuecomment-1588401916 - We should extend some collection instead of writing this code 3 times, as it only applies for connectors using the addArguments helper. - Internally coraza doesn't...
Currently actions aren't documented properly: 1. Coraza.io has information about it but it is uncoupled from the code and hence easy to get unsync. An effort to overcome this was...
proxy-wasm extensions allows people to extend proxy functionalities in the request/response lifecycle and are deployed along with proxies but have their own lifecycle. One big issue right now is that...
With increased adoption of cloud native technologies, it is important to minimise risks. Certain types of configuration risks (or there-lack of) are more common than others. There is a need...
There are a few known tweaks we specifically did for this projects that deserve to be documented e.g. `memoize_builders` and others not specifically targeting this repo but useful like wasilibs/go-re2.