/Coraza WAF

Coraza WAF

19
v0.2.2

Coraza http-wasm traefik plugin

This repository publishes the coraza-http-wasm as a plugin and also contains examples on how to run coraza-http-wasm as a traefik plugin.

Getting started

You can run the docker compose example:

docker compose up traefik

and do test calls:

  • curl -I 'http://localhost:8080/admin' will return a 403 as per the configuration rules.
  • curl -I 'http://localhost:8080/anything' will return a 200 as there is not matching rule.

To try out other kind of rules, you can locally modify the config-dynamic.yaml file in the section middlewares:

http:
# ...
middlewares:
waf:
plugin:
coraza:
directives:
- SecRuleEngine On
- SecDebugLog /dev/stdout
- SecDebugLogLevel 9
- SecRule REQUEST_URI "@streq /admin" "id:101,phase:1,log,deny,status:403"

For more information about the available directives go to coraza docs.