mirror of
https://github.com/alibaba/higress.git
synced 2026-02-06 23:21:08 +08:00
title, keywords, description
| title | keywords | description | ||
|---|---|---|---|---|
| WAF |
|
WAF plugin configuration reference |
Function Description
The waf plugin implements a ModSecurity-based rule protection engine, which can block suspicious requests based on user-defined rules, and supports OWASP CRS, providing basic protection features for the site.
Running Attributes
Plugin execution phase: authorization phase
Plugin execution priority: 330
Configuration Fields
| Name | Data Type | Filling Requirements | Default Value | Description |
|---|---|---|---|---|
| useCRS | bool | Optional | false | Whether to enable OWASP CRS, for details refer to coreruleset |
| secRules | array of string | Optional | - | User-defined WAF protection rules, syntax rules can refer to ModSecurity Chinese Manual |
Configuration Example
useCRS: true
secRules:
- "SecDebugLogLevel 3"
- "SecRuleEngine On"
- "SecAction \"id:100,phase:1,pass\""
- "SecRule REQUEST_URI \"@streq /admin\" \"id:101,phase:1,t:lowercase,deny\""
- "SecRule REQUEST_BODY \"@rx maliciouspayload\" \"id:102,phase:2,t:lowercase,deny\""
Based on this configuration, the following requests will be prohibited from access:
curl http://example.com/admin
curl http://example.com -d "maliciouspayload"