OWASP Coraza Web Application Firewall, OWASP Coraza is a golang enterprise-grade Web Application Firewall framework that supports Modsecurity’s seclang language and is 100% compatible with OWASP Core Ruleset.
waf.SetErrorLogCb(cb) (optional)Run the go tests:
go test ./…
go test -race ./…
Using pre-commit
pip install pre-commit
pre-commit run –all-files
ou can also install the pre-commit git hook by running
pre-commit install
package main
import(
“fmt”
“github.com/corazawaf/coraza/v2”
“github.com/corazawaf/coraza/v2/seclang”
)
func main() {
// First we initialize our waf and our seclang parser
waf := coraza.NewWaf()
parser, _ := seclang.NewParser(waf)
// Now we parse our rules
if err := parser.FromString(SecRule REMOTE_ADDR "@rx .*" "id:1,phase:1,deny,status:403"); err != nil {
fmt.Println(err)
}
// Then we create a transaction and assign some variables
tx := waf.NewTransaction()
defer func(){
tx.ProcessLogging()
tx.Clean()
}()
tx.ProcessConnection(“127.0.0.1”, 8080, “127.0.0.1”, 12345)
// Finally we process the request headers phase, which may return an interruption
if it := tx.ProcessRequestHeaders(); it != nil {
fmt.Printf(“Transaction was interrupted with status %d\n”, it.Status)
}
}
Opera is one of the most popular cross-platform web browsers in the world, available on Windows,…
Gogs is a free, self-hosted Git service written in Go. It gives you a private GitHub-like…
Elasticsearch is an open-source distributed search and analytics engine built on Apache Lucene. It supports RESTful…
Flask is a free, open-source micro web framework for Python. It is built on Werkzeug and…
Memcached is a free, open-source, high-performance in-memory caching system. It stores data as key-value pairs in…
TensorFlow is a free, open-source machine learning platform developed by Google. It is used by major…