Coraza WAF

v0.3.0

Coraza http-wasm traefik plugin

This repository publishes coraza-http-wasm as a plugin and also contains examples of how to run coraza-http-wasm as a Traefik plugin.

Getting started

You can run the docker compose example:

docker compose up traefik

and make test calls:

  • curl -I 'http://localhost:8080/admin' will return a 403 as per the configuration rules.
  • curl -I 'http://localhost:8080/anything' will return a 200 as there is no matching rule.

To try out other kinds of rules, modify your local config-dynamic.yaml file in the middlewares section:

http:
  # ...
  middlewares:
    waf:
      plugin:
        coraza:
          directives:
            - SecRuleEngine On
            - SecDebugLog /dev/stdout
            - SecDebugLogLevel 9
            - SecRule REQUEST_URI "@streq /admin" "id:101,phase:1,log,deny,status:403"
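
As an added example (not part of this repository's own configuration), the same middleware section with two further kinds of rules: a path rule that does not depend on the query string, and a method allow-list. Rule ids 102 and 103 and the lower debug level are constructed for illustration; the middleware name waf and rule 101 are taken from the example above.

```yaml
http:
  middlewares:
    waf:
      plugin:
        coraza:
          directives:
            - SecRuleEngine On
            - SecDebugLog /dev/stdout
            # Level 9 is the most verbose setting and is meant for rule debugging;
            # a lower level (assumed value here) keeps the log readable.
            - SecDebugLogLevel 3
            # Rule from the example above. REQUEST_URI includes the query string,
            # and @streq compares the whole value, so this covers only the exact
            # request target "/admin".
            - SecRule REQUEST_URI "@streq /admin" "id:101,phase:1,log,deny,status:403"
            # Constructed rule: REQUEST_FILENAME is the path without the query
            # string. The path is normalized and lowercased before matching, and
            # the pattern covers /admin itself plus everything below it.
            - SecRule REQUEST_FILENAME "@rx ^/admin(/|$)" "id:102,phase:1,t:lowercase,t:normalizePath,log,deny,status:403"
            # Constructed rule: reject any method outside the allow-list.
            # HEAD stays allowed so the curl -I test calls keep working.
            - SecRule REQUEST_METHOD "!@within GET HEAD POST" "id:103,phase:1,log,deny,status:405"
```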

For more information about the available directives, see the Coraza docs.