higress/plugins/wasm-go/extensions/waf/wasmplugin/rules/ftw-config.conf
2023-06-28 19:25:36 +08:00


# Engine-level settings for go-ftw regression runs; the values favour test observability.
# Overrides the default SecResponseBodyMimeType in order to add application/json (the httpbin response Content-Type),
# which makes JSON responses eligible for response body buffering and inspection.
SecResponseBodyMimeType text/plain text/html text/xml application/json
# crs-setup.conf.example sets SecDefaultAction only for phases 1 and 2.
# Add logging defaults for phases 3, 4 and 5, otherwise go-ftw is not able to detect the triggered rules.
# "pass" means a rule inheriting these defaults logs and audit-logs its match without interrupting the transaction.
SecDefaultAction "phase:3,log,auditlog,pass"
SecDefaultAction "phase:4,log,auditlog,pass"
SecDefaultAction "phase:5,log,auditlog,pass"
# Debug log verbosity used for the test run.
# NOTE(review): debug logs can record request details; confirm the level and the log destination
# before reusing this file outside a test environment.
SecDebugLogLevel 3
# Rule 900005 from https://github.com/coreruleset/coreruleset/blob/v4.0/dev/tests/regression/README.md#requirements
# By default rule 900340 is commented out, therefore max_file_size is added to 900005 in order to test 920400-* rules
#
# Unconditional phase-1 setup action (nolog, pass): it runs for every transaction and configures
# the engine and the CRS tx.* variables for the regression tests.
#  - ctl:ruleEngine=DetectionOnly: rules are evaluated and logged, but disruptive actions are not
#    enforced, so no request is blocked while this file is loaded.
#  - ctl:ruleRemoveById=910000: removes rule 910000 for the transaction.
#    NOTE(review): the reason is not stated in this file; see the README linked above.
#  - tx.blocking_paranoia_level=4: the highest CRS paranoia level, so the strictest rule set is exercised.
#  - tx.crs_validate_utf8_encoding=1: turns on the CRS UTF-8 encoding validation setting.
#  - the remaining setvar entries fix the argument and file-size limits that the tests expect.
# NOTE(review): DetectionOnly and these test-specific limits make this a test-only profile; a real
# deployment should use its own crs-setup configuration instead of loading this file.
SecAction "id:900005,\
phase:1,\
nolog,\
pass,\
ctl:ruleEngine=DetectionOnly,\
ctl:ruleRemoveById=910000,\
setvar:tx.blocking_paranoia_level=4,\
setvar:tx.crs_validate_utf8_encoding=1,\
setvar:tx.arg_name_length=100,\
setvar:tx.arg_length=400,\
setvar:tx.total_arg_length=64000,\
setvar:tx.max_num_args=255,\
setvar:tx.max_file_size=64100,\
setvar:tx.combined_file_sizes=65535"
# Write the value from the X-CRS-Test header as a marker to the log.
# Requests with an X-CRS-Test header will not be matched by any other rule. See https://github.com/coreruleset/go-ftw/pull/133
#
# How it works: "@rx ^.*$" matches any value of the header, so the rule fires whenever the header is
# present. It logs the header value (MATCHED_VAR) and then removes every rule with an id in the
# range 1-999999 for that transaction via ctl:ruleRemoveById.
#
# Security caveat: the header is client-controlled. With this rule loaded, any client that sends
# X-CRS-Test gets its request processed without the rules in that id range, so this rule belongs in
# the test harness only. If the file could be loaded by a deployed WAF, drop this rule or strip the
# header at the edge before it reaches the WAF.
# NOTE(review): the logged message embeds the raw header value; confirm that log consumers handle
# untrusted content in this field.
SecRule REQUEST_HEADERS:X-CRS-Test "@rx ^.*$" \
"id:999999,\
phase:1,\
pass,\
t:none,\
log,\
msg:'X-CRS-Test %{MATCHED_VAR}',\
ctl:ruleRemoveById=1-999999"