OWASP Core Ruleset
OWASP Core Ruleset is the most robust open source WAF rule set available on the internet, and it is compatible with Coraza.
Important: OWASP Core Ruleset requires the coraza-libinjection and coraza-pcre plugins to work. There is an upcoming fork that removes the need for the plugins by removing a few features and rewriting some @rx operators to RE2 instead of PCRE.
Installation
Core Ruleset is normally installed by downloading the recommended Coraza configuration and cloning the Core Ruleset repository:
wget https://raw.githubusercontent.com/jptosso/coraza-waf/v2/master/coraza.conf-recommended -O coraza.conf
git clone https://github.com/coreruleset/coreruleset
Then import each required file in the following order:
- coraza.conf
- coreruleset/crs-setup.conf.example
- coreruleset/rules/*.conf
For example:
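import (
	"github.com/jptosso/coraza-waf/v2"
	"github.com/jptosso/coraza-waf/v2/seclang"
	// Plugins required by OWASP Core Ruleset, registered on import.
	_ "github.com/jptosso/coraza-libinjection"
	_ "github.com/jptosso/coraza-pcre"
)

// initCoraza returns a WAF with the base configuration and Core Ruleset loaded.
func initCoraza() *coraza.Waf {
	waf := coraza.NewWaf()
	parser, err := seclang.NewParser(waf)
	if err != nil {
		panic(err)
	}
	// Order matters: base configuration, then CRS setup, then the rules.
	files := []string{
		"coraza.conf",
		"coreruleset/crs-setup.conf.example",
		"coreruleset/rules/*.conf",
	}
	for _, f := range files {
		if err := parser.FromFile(f); err != nil {
			panic(err)
		}
	}
	return waf
}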
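A preflight check for the load order above, as an added example that is not code from the Coraza or Core Ruleset projects. The helper name resolveRuleFiles is hypothetical and uses only the Go standard library. It expands the three entries in order and refuses to continue if any of them matches nothing, so a wrong working directory or an incomplete clone stops startup instead of depending on how the parser treats an empty match.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"sort"
)

// resolveRuleFiles expands each pattern in the given order and returns the
// concrete file list. It fails closed: a pattern that matches nothing, or a
// match that is not a readable regular file, is an error rather than a skip.
func resolveRuleFiles(baseDir string, patterns []string) ([]string, error) {
	var out []string
	for _, p := range patterns {
		matches, err := filepath.Glob(filepath.Join(baseDir, p))
		if err != nil {
			return nil, fmt.Errorf("bad pattern %q: %w", p, err)
		}
		if len(matches) == 0 {
			return nil, fmt.Errorf("pattern %q matched no files under %q", p, baseDir)
		}
		// CRS rule files carry numeric prefixes, so lexical order is load order.
		sort.Strings(matches)
		for _, m := range matches {
			if info, err := os.Stat(m); err != nil || !info.Mode().IsRegular() {
				return nil, fmt.Errorf("%q is not a readable regular file", m)
			}
			out = append(out, m)
		}
	}
	return out, nil
}

func main() {
	files, err := resolveRuleFiles(".", []string{
		"coraza.conf",
		"coreruleset/crs-setup.conf.example",
		"coreruleset/rules/*.conf",
	})
	if err != nil {
		fmt.Fprintln(os.Stderr, "refusing to start:", err)
		os.Exit(1)
	}
	for _, f := range files {
		fmt.Println(f) // each path can then be passed to parser.FromFile
	}
}
```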
Configuration
Please check https://coreruleset.org/installation/ for configuration examples.