jiazhizhong/higress
1
0
Fork 0
mirror of https://github.com/alibaba/higress.git synced 2026-03-02 07:30:49 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
7e6168a644c0c9c625fbe29331d83e00a48da2fd
higress/plugins/wasm-go/extensions/waf/README.md
澄潭 c7c4ae1da2 update plugins doc (#1305)
2024-09-12 21:48:40 +08:00

38 lines
1.2 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
---
title: WAF
keywords: [higress,waf]
description: WAF 插件配置参考
---
## 功能说明
waf插件实现了基于ModSecurity的规则防护引擎可以根据用户配置的规则屏蔽可疑请求并支持OWASP CRS为站点提供基础的防护功能。
## 运行属性
插件执行阶段:`授权阶段`
插件执行优先级:`330`
## 配置字段
| 名称 | 数据类型 | 填写要求 | 默认值 | 描述 |
| -------- | -------- | -------- | -------- | -------- |
| useCRS | bool | 选填 | false | 是否开启OWASP CRS详情可参考[coreruleset](https://github.com/coreruleset/coreruleset/tree/v3.3.2) |
| secRules | array of string | 选填 | - | 用户自定义的waf防护规则语法规则可参考[ModSecurity中文手册](http://www.modsecurity.cn/chm/) |
## 配置示例
```yaml
useCRS: true
secRules:
- "SecDebugLogLevel 3"
- "SecRuleEngine On"
- "SecAction \"id:100,phase:1,pass\""
- "SecRule REQUEST_URI \"@streq /admin\" \"id:101,phase:1,t:lowercase,deny\""
- "SecRule REQUEST_BODY \"@rx maliciouspayload\" \"id:102,phase:2,t:lowercase,deny\""
```
根据该配置,以下请求将被禁止访问:
```bash
curl http://example.com/admin
curl http://example.com -d "maliciouspayload"
```
Reference in New Issue View Git Blame Copy Permalink