Skip to content

jptosso/coraza-server

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Coraza Server is the most ambitious implementation of Coraza WAF, it's designed to integrate with systems written in different languages, like C, using multiple protocols like SPOA, REST and GRPC.

Installing

To install coraza library you are required to have a C compiler, libinjection and pcre installed, see https://coraza.io/docs/tutorials/dependencies/

If you cannot install these dependencies you may

go install github.com/jptosso/coraza-server/cmd/coraza-server@master

Using as a Container

Using in K8

Configuration

Configuration is not stable yet.

Protocol development status

SPOA

  • API Stability: Unstable
  • Code Stability: Unstable
  • Documentation: Not available yet

REST

  • API Stability: Not designed yet
  • Code Stability: Not written
  • Documentation: Not available yet

GRPC

  • API Stability: Under development
  • Code Stability: Not written
  • Documentation: Not available yet

Installing plugins

To install Coraza plugins you must copy the content from cmd/coraza-server/main.go and add the dependencies named with _, for example:

package main

import (
	"flag"
	"os"
	"sync"

	"github.com/jptosso/coraza-server/config"
	"github.com/jptosso/coraza-server/protocols"
	"github.com/jptosso/coraza-waf"
	"github.com/jptosso/coraza-waf/seclang"
	"github.com/sirupsen/logrus"
	"gopkg.in/yaml.v2"

    // Plugins
    _ "github.com/path/to-plugin"
)

References

TODO

  • Add workers limit to SPOP
  • Document SPOP
  • Create REST protocol
  • Create GRPC protocol
  • Normalize settings
  • Regression tests
  • Replace SPOA library with a custom one

About

This is a WIP

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages