Lua implementation of the libcoraza for modsecurity Web Application Firewall.
-
clone the repository
git clone https://github.com/potats0/coraza.git -
Build the source && Installation
cd coraza
./build.sh
./configure
make
sudo make install
libcoraza.so will be installed at /usr/local/lib
coreruleset is an opensource waf rules.
- clone the repository
git clone --recurse-submodules https://github.com/coreruleset/coreruleset
opm get potats0/lua-resty-corazainit_worker_by_lua_block{
coraza = require "resty.coraza"
waf = coraza.create_waf()
-- add rule from file
coraza.rules_add_file(waf, "%s/t/coraza.conf")
-- your corerule set, add rule from directive
coraza.rules_add(waf, "Include %s/t/coreruleset/crs-setup.conf.example")
coraza.rules_add(waf, "Include %s/t/coreruleset/rules/*.conf")
}
location /t {
access_by_lua_block {
coraza.do_create_transaction(waf)
coraza.do_access_filter()
coraza.do_interrupt()
}
content_by_lua_block {
ngx.say("passed")
}
header_filter_by_lua_block{
coraza.do_header_filter()
coraza.do_interrupt()
}
body_filter_by_lua_block{
coraza.do_body_filter()
}
log_by_lua_block{
coraza.do_log()
coraza.do_free_transaction()
}
}if you need more log for debug, please turn on the debug on nginx.
error_log logs/error.log debug;
- block response when detected the event