OWASP Core Ruleset
OWASP Core Ruleset is the most robust open source WAF rule set available in the internet, compatible with Coraza.
Installation
Core Ruleset can be installed by importing each required file in the following order:
wget https://raw.githubusercontent.com/corazawaf/coraza/v3/dev/coraza.conf-recommended -O coraza.conf
git clone https://github.com/coreruleset/coreruleset
- coraza.conf
- coreruleset/crs-setup.conf.example
- coreruleset/rules/*.conf
For example:
func initCoraza(){
cfg := coraza.NewWAFConfig()
.WithDirectivesFromFile("coraza.conf")
.WithDirectivesFromFile("coreruleset/crs-setup.conf.example")
.WithDirectivesFromFile("coreruleset/rules/*.conf")
waf, err := coraza.NewWAF(cfg)
if err != nil {
panic(err)
}
}
Configuration
Please check https://coreruleset.org/docs/deployment/install/ for configuration examples.