Skip to content

Wrapper library to consume CRS in coraza without including files

License

Notifications You must be signed in to change notification settings

corazawaf/coraza-coreruleset

Repository files navigation

Coraza Coreruleset

Coraza Coreruleset is a Go package meant to provide the OWASP CRS in an easy and consumable way to be embedded in a Go application. Alongside the unmodified CRS, the Coraza configuration file is also provided.

Usage

In order to use CRS, you need to load the coreruleset FileSystem:

import "github.com/corazawaf/coraza-coreruleset/v4"

func main() {
    // ...
    waf, err := coraza.NewWAF(
        coraza.NewWAFConfig().
            WithDirectives("Include @owasp_crs/REQUEST-911-METHOD-ENFORCEMENT.conf").
            WithRootFS(coreruleset.FS),
    )
    // ...
}

You can also combine both CRS and your local files by combining the filesystems:

import (
    "github.com/corazawaf/coraza-coreruleset/v4"
    "github.com/jcchavezs/mergefs"
    "github.com/jcchavezs/mergefs/io"
 )

// ...

func main() {
    // ...
    waf, err := coraza.NewWAF(
        coraza.NewWAFConfig().
            WithDirectives(`
                Include @owasp_crs/REQUEST-911-METHOD-ENFORCEMENT.conf
                Include my/local/rule.conf
            `).
            WithRootFS(mergefs.Merge(coreruleset.FS, io.OSFS)),
    )
    // ...
}

How to update to a newer CRS and Coraza config version

  1. Update the crsVersion and corazaVersion constants in version.go with the wished CRS and Coraza commit SHA or tags.
  2. Run go run mage.go downloadDeps.
  3. Double check the changes made under the /rules and /tests directories.
  4. Commit your changes.

About

Wrapper library to consume CRS in coraza without including files

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages