Coraza is an open source, enterprise-grade, high performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set.
- Website: https://coraza.io
- Forum: Github Discussions
- OWASP Slack Community (#coraza): https://owasp.org/slack/invite
- Rule testing: Coraza Playground
- Planning: Github Projects
Key Features:
- Drop-in – Coraza is a drop-in alternative to replace the soon-to-be-abandoned Trustwave ModSecurity Engine and supports industry standard SecLang rule sets.
- Security – Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages.
- Extensible – Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. Audit Loggers, persistence engines, operators, actions, create your own functionalities to extend Coraza as much as you want.
- Performance – From huge websites to small blogs, Coraza can handle the load with minimal performance impact. Check our Benchmarks.
- Simplicity – Anyone is able to understand and modify the Coraza source code. It is easy to extend Coraza with new functionality.
- Community – Coraza is a community project, contributions are accepted and all ideas will be considered. Find contributor guidance in the CONTRIBUTION document.
Integrations
The Coraza Project maintains implementations and plugins for the following servers:
- Caddy Reverse Proxy and Webserver Plugin (stable, needs a maintainer)
- HAProxy SPOE Plugin (preview)
- Traefik Proxy Plugin (preview, needs maintainer)
- Gin Web Framework Middleware (preview, needs maintainer)
- Apache HTTP Server (experimental)
- Nginx (experimental)
- Coraza C Library (experimental)
- Buffalo Web Framework Middleware (planned)
Plugins
- Coraza GeoIP (preview)
Roadmap
- WASM scripts support
- New rule language
- GraphQL body processor
- TinyGo support
- libcoraza C exports
Prerequisites (Golang and Linux)
- Golang compiler v1.16+
- Linux distribution (Debian or CentOS recommended, Windows not supported yet)
Coraza Core Usage
Coraza can be used as a library in your Go program to implement a security middleware or to integrate it with existing applications and web servers.

```go
package main

import (
	"fmt"

	"github.com/corazawaf/coraza/v3"
)

func main() {
	// First we initialize our WAF and our SecLang parser; the directives are
	// parsed here, so a rule syntax error is reported through err
	waf, err := coraza.NewWAF(coraza.NewWAFConfig().
		WithDirectives(`SecRule REMOTE_ADDR "@rx .*" "id:1,phase:1,deny,status:403"`))
	if err != nil {
		fmt.Println(err)
		return // waf is nil when parsing failed, so we must not use it
	}

	// Then we create a transaction and assign some variables
	tx := waf.NewTransaction()
	defer func() {
		tx.ProcessLogging() // phase 5 (logging) always runs, even on a blocked request
		tx.Close()
	}()
	tx.ProcessConnection("127.0.0.1", 8080, "127.0.0.1", 12345)

	// Finally we process the request headers phase, which may return an interruption
	if it := tx.ProcessRequestHeaders(); it != nil {
		fmt.Printf("Transaction was interrupted with status %d\n", it.Status)
	}
}
```