jptosso / coraza-caddy

Licence: Apache-2.0 license
OWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities.

Programming Languages

go

Projects that are alternatives of or similar to coraza-caddy

caddy-crowdsec-bouncer
A Caddy module that blocks malicious traffic based on decisions made by CrowdSec.
Stars: ✭ 40 (-46.67%)
Mutual labels:  caddy, caddyserver
caddy-esi
Middleware for Caddy Server integrating ESI (edge side includes) tags with parallel loading. Able to connect to HTTP/S/2, Memcache, Redis, shell scripts, gRPC and SQL backends 🐜🐜🐜
Stars: ✭ 28 (-62.67%)
Mutual labels:  caddy, caddyserver
caddy-exec
Caddy v2 module for running one-off commands
Stars: ✭ 48 (-36%)
Mutual labels:  caddy, caddyserver
caddy-json-schema
JSON schema generator for Caddy v2
Stars: ✭ 63 (-16%)
Mutual labels:  caddy, caddyserver
ftw
Framework for Testing WAFs (FTW!)
Stars: ✭ 106 (+41.33%)
Mutual labels:  waf, owasp
souin
An HTTP cache system, RFC compliant, compatible with @TykTechnologies, @traefik, @caddyserver, @go-chi, @bnkamalesh, @beego, @devfeel, @labstack, @gofiber, @go-goyave, @gin-gonic, @zalando, @zeromicro, @nginx and @apache
Stars: ✭ 269 (+258.67%)
Mutual labels:  caddy, caddyserver
ssss
Stupid Simple Seedbox Script
Stars: ✭ 19 (-74.67%)
Mutual labels:  caddy, caddyserver
vscode-caddyfile-support
Rich Caddyfile support for Visual Studio Code
Stars: ✭ 30 (-60%)
Mutual labels:  caddy, caddyserver
aws-firewall-factory
Deploy, update, and stage your WAFs while managing them centrally via FMS.
Stars: ✭ 72 (-4%)
Mutual labels:  waf, owasp
wafbypasser
No description or website provided.
Stars: ✭ 73 (-2.67%)
Mutual labels:  waf, owasp
Loginsrv
JWT login microservice with pluggable backends such as OAuth2, Google, Github, htpasswd, osiam, ..
Stars: ✭ 1,835 (+2346.67%)
Mutual labels:  caddy, caddyserver
caddy-tlsconsul
🔒 Consul K/V storage for Caddy Web Server / Certmagic TLS data
Stars: ✭ 89 (+18.67%)
Mutual labels:  caddy, caddyserver
Go Agent
Sqreen's Application Security Management for the Go language
Stars: ✭ 134 (+78.67%)
Mutual labels:  waf, owasp
waf-brain
Machine Learning WAF Based
Stars: ✭ 74 (-1.33%)
Mutual labels:  waf, owasp
tutorials
Additional Resources For Securing The Stack Tutorials
Stars: ✭ 36 (-52%)
Mutual labels:  owasp
raider
OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
Stars: ✭ 88 (+17.33%)
Mutual labels:  owasp
waflab
A web-based testing platform for WAF (Web Application Firewall)'s correctness
Stars: ✭ 25 (-66.67%)
Mutual labels:  waf
crAPI
completely ridiculous API (crAPI)
Stars: ✭ 549 (+632%)
Mutual labels:  owasp
mod csrfprotector
apache 2.x.x module, for CSRF mitigation
Stars: ✭ 20 (-73.33%)
Mutual labels:  owasp
ingress
Kubernetes Ingress controller with integrated Wallarm services
Stars: ✭ 31 (-58.67%)
Mutual labels:  waf

Coraza WAF Caddy Module

Project Status: Active – The project has reached a stable, usable state and is being actively developed.

OWASP Coraza Caddy Module provides Web Application Firewall capabilities for Caddy.

OWASP Coraza WAF is 100% compatible with the OWASP Core Rule Set and ModSecurity syntax.

Plugin syntax

coraza_waf {
	directives `
		SecAction "id:1,pass,log"
	`
	include /path/to/config.conf
}

Sample usage:
Important: the "order coraza_waf first" global option must always be included in your Caddyfile for the Coraza module to work.

{
    order coraza_waf first
}

http://127.0.0.1:8080 {
	coraza_waf {
		directives `
			SecAction "id:1,pass,log"
			SecRule REQUEST_URI "/test5" "id:2, deny, log, phase:1"
			SecRule REQUEST_URI "/test6" "id:4, deny, log, phase:3"
		`
		include file1.conf 
		include file2.conf
		include /some/path/*.conf
	}
	reverse_proxy http://192.168.1.15:8080
}
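
A smoke test for the sample configuration above, added here as an example (it is not part of coraza-caddy): it checks that the two deny rules actually block and that an unrelated path is still forwarded. It assumes the site listens on http://127.0.0.1:8080 as in the sample and that a denied request is answered with HTTP 403; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: smoke test for the sample Caddyfile (not part of coraza-caddy).
# Assumptions: the site listens on http://127.0.0.1:8080 as in the sample, and
# a request stopped by a "deny" rule is answered with HTTP 403.

# http_status URL -> prints the HTTP status code, or 000 if the request fails.
http_status() {
    curl -s -o /dev/null --max-time 5 -w '%{http_code}' "$1" || true
}

# expect_blocked URL LABEL -> returns 0 only when the WAF answered with 403.
expect_blocked() {
    got=$(http_status "$1")
    if [ "$got" = "403" ]; then
        echo "ok    $2: $1 -> $got"
    else
        echo "FAIL  $2: $1 -> $got (expected 403)" >&2
        return 1
    fi
}

# expect_passed URL LABEL -> returns 0 when the request was neither blocked
# by the WAF (403) nor lost because the server is unreachable (000).
expect_passed() {
    got=$(http_status "$1")
    case "$got" in
        403|000|"") echo "FAIL  $2: $1 -> $got" >&2; return 1 ;;
        *)          echo "ok    $2: $1 -> $got" ;;
    esac
}

# waf_smoke_test BASE_URL -> returns 0 only if both sample rules block and an
# unrelated path still gets through (enforcing, but not denying everything).
waf_smoke_test() {
    base=${1%/}
    failed=0
    expect_blocked "$base/test5" "rule id:2 (phase 1)" || failed=1
    expect_blocked "$base/test6" "rule id:4 (phase 3)" || failed=1
    expect_passed  "$base/"      "control request"     || failed=1
    return "$failed"
}

# Run against a live server only when asked to: ./waf_smoke.sh --run [BASE_URL]
if [ "${1:-}" = "--run" ]; then
    waf_smoke_test "${2:-http://127.0.0.1:8080}"
fi
```

A non-zero exit status means at least one check failed, so the script can gate a deployment step.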

Build Caddy with Coraza WAF

Run:

xcaddy build --with github.com/corazawaf/coraza-caddy

Testing

You may run the test suite by executing:

$ git clone https://github.com/corazawaf/coraza-caddy
$ cd coraza-caddy
$ go test ./...

Using OWASP Core Ruleset

Clone the coreruleset repository and download the default Coraza configuration from the Coraza repository, then add the following to your coraza_waf directive:

include caddypath/coraza.conf-recommended
include caddypath/coreruleset/crs-setup.conf.example
include caddypath/coreruleset/rules/*.conf

Known Issues

FAQ
