OWASP Core Ruleset

OWASP Core Ruleset is the most robust open source WAF rule set available in the internet, compatible with Coraza.

Installation

Core Ruleset can be installed by importing each required file in the following order:

wget https://raw.githubusercontent.com/corazawaf/coraza/v3/dev/coraza.conf-recommended -O coraza.conf
git clone https://github.com/coreruleset/coreruleset
  1. coraza.conf
  2. coreruleset/crs-setup.conf.example
  3. coreruleset/rules/*.conf

For example:

func initCoraza(){
  cfg := coraza.NewWAFConfig()
    .WithDirectivesFromFile("coraza.conf")
    .WithDirectivesFromFile("coreruleset/crs-setup.conf.example")
    .WithDirectivesFromFile("coreruleset/rules/*.conf")
  waf, err := coraza.NewWAF(cfg)
  if err != nil {
    panic(err)
  }
}

Configuration

Please check https://coreruleset.org/docs/deployment/install/ for configuration examples.

Top