OWASP Core Ruleset

OWASP Core Ruleset is the most robust open source WAF rule set available in the internet, compatible with Coraza.

Installation

Core Ruleset can be installed by importing each required file in the following order:

wget https://raw.githubusercontent.com/corazawaf/coraza/v3/dev/coraza.conf-recommended -O coraza.conf
git clone https://github.com/coreruleset/coreruleset

coraza.conf
coreruleset/crs-setup.conf.example
coreruleset/rules/*.conf

For example:

func initCoraza(){
  cfg := coraza.NewWafConfig()
    .WithDirectivesFromFile("coraza.conf")
    .WithDirectivesFromFile("coreruleset/crs-setup.conf.example")
    .WithDirectivesFromFile("coreruleset/rules/*.conf")
  waf, err := coraza.NewWaf(cfg)
  if err != nil {
    panic(err)
  }
}

Configuration

Please check https://coreruleset.org/docs/deployment/install/ for configuration examples.

Edit this page on

OWASP Core Ruleset

Installation #

Configuration #

Installation

Configuration