coraza

package module
v1.1.1
Warning

This package is not in the latest version of its module.

Published: Dec 13, 2021 License: Apache-2.0 Imports: 13 Imported by: 0

README

Coraza WAF Caddy Module


Coraza Caddy Module provides a WAF for your applications using FastCGI or reverse proxy.

Prerequisites

Plugin syntax

Important: the line order coraza_waf first must always be included in your Caddyfile for the Coraza module to work.

coraza_waf {
	directives `
		SecAction "id:1,pass,log"
	`
	include /path/to/config.conf
}

Sample usage:

{
    auto_https off
    order coraza_waf first
}

http://127.0.0.1:8080 {
	coraza_waf {
		directives `
			SecAction "id:1,pass,log"
			SecRule REQUEST_URI "/test5" "id:2, deny, log, phase:1"
			SecRule REQUEST_URI "/test6" "id:4, deny, log, phase:3"
		`
		include file1.conf
		include file2.conf
		include /some/path/*.conf
	}
	reverse_proxy http://192.168.1.15:8080
}
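
An added example (not part of the coraza-caddy project): a small Go pre-deployment check that flags a Caddyfile using coraza_waf when the global options block has no order coraza_waf first line, ignoring comments and backtick-quoted rule text. The name CheckOrder and the sample input are constructed for illustration; the check assumes one directive per line and a global options block that comes first.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// sample is constructed for this example: coraza_waf is used, but the global block lacks the order line.
const sample = "{\n\tauto_https off\n}\n\nhttp://127.0.0.1:8080 {\n\tcoraza_waf {\n" +
	"\t\tdirectives `\n\t\t\tSecAction \"id:1,pass,log\"\n\t\t`\n\t}\n}\n"

// CheckOrder is a line-oriented check, not a Caddyfile parser. Assumptions: one directive
// per line; the global options block, if present, is the first block and opens with a bare "{".
func CheckOrder(src string) []string {
	var problems []string
	depth, first, inGlobal, inRules, ordered := 0, true, false, false, false
	sc := bufio.NewScanner(strings.NewReader(src))
	for n := 1; sc.Scan(); n++ {
		line := strings.TrimSpace(sc.Text())
		was, comment := inRules, strings.HasPrefix(line, "#")
		if (was || !comment) && strings.Count(line, "`")%2 == 1 {
			inRules = !inRules // entering or leaving a backtick-quoted directives value
		}
		if was || comment || line == "" {
			continue // SecLang rule text and comments are not Caddyfile structure
		}
		if depth == 0 {
			inGlobal, first = first && line == "{", false
		}
		f := strings.Fields(line)
		if inGlobal && depth == 1 && strings.Join(f, " ") == "order coraza_waf first" {
			ordered = true
		} else if !inGlobal && depth >= 1 && f[0] == "coraza_waf" && !ordered {
			problems = append(problems, fmt.Sprintf("line %d: coraza_waf without `order coraza_waf first` in global options", n))
		}
		if strings.HasSuffix(line, "{") {
			depth++
		} else if line == "}" {
			depth--
		}
	}
	return problems
}

func main() {
	fmt.Println(strings.Join(CheckOrder(sample), "\n"))
}
```
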

Build Caddy with Coraza WAF

Run:

xcaddy build --with github.com/jptosso/coraza-caddy

Testing

You may run the test suite by executing:

$ git clone https://github.com/jptosso/coraza-caddy
$ cd coraza-caddy
$ go test ./...

Compiling with CRS support

Uncomment the plugins github.com/jptosso/coraza-libinjection and github.com/coraza-pcre in caddy/main.go, then compile.

Using OWASP Core Ruleset

Once you have enabled the plugin, clone coreruleset and download the default Coraza configurations from the Coraza repository, then add the following to your coraza_waf directive:

include caddypath/coraza.conf-recommended
include caddypath/coreruleset/crs-setup.conf.example
include caddypath/coreruleset/rules/*.conf

Known Issues

FAQ

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Middleware

type Middleware struct {
	Include    []string `json:"include"`
	Directives string   `json:"directives"`
	// contains filtered or unexported fields
}

func (Middleware) CaddyModule

func (Middleware) CaddyModule() caddy.ModuleInfo

CaddyModule returns the Caddy module information.

func (*Middleware) Provision

func (m *Middleware) Provision(ctx caddy.Context) error

Provision implements caddy.Provisioner.

func (Middleware) ServeHTTP

func (m Middleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyhttp.Handler) error

ServeHTTP implements caddyhttp.MiddlewareHandler.

func (*Middleware) UnmarshalCaddyfile

func (m *Middleware) UnmarshalCaddyfile(d *caddyfile.Dispenser) error

UnmarshalCaddyfile implements caddyfile.Unmarshaler.

func (*Middleware) Validate

func (m *Middleware) Validate() error

Validate implements caddy.Validator.

type StreamRecorder

type StreamRecorder struct {
	*caddyhttp.ResponseWriterWrapper
	// contains filtered or unexported fields
}

func NewStreamRecorder

func NewStreamRecorder(w http.ResponseWriter, tx *coraza.Transaction) *StreamRecorder

func (*StreamRecorder) Buffered

func (sr *StreamRecorder) Buffered() bool

Buffered returns true if the response is stored inside the transaction. If false, the response was already sent to the client.

func (*StreamRecorder) Reader

func (sr *StreamRecorder) Reader() (io.Reader, error)

Reader provides access to the buffered (in-memory) response object.

func (*StreamRecorder) Status

func (sr *StreamRecorder) Status() int

func (*StreamRecorder) Write

func (sr *StreamRecorder) Write(data []byte) (int, error)

func (*StreamRecorder) WriteHeader

func (sr *StreamRecorder) WriteHeader(statusCode int)
