Thom-x / traefik-modsecurity-plugin

Traefik plugin to proxy requests to owasp/modsecurity-crs:apache container

Home Page: https://pilot.traefik.io/plugins/61c5e78143afb3c24a4ae54c/modsecurity-plugin

Traefik Modsecurity Plugin

Traefik plugin to proxy requests to owasp/modsecurity-crs:apache

Demo

Demo with WAF intercepting relative access in query param.

Usage (docker-compose.yml)

See docker-compose.yml

  1. docker-compose up
  2. Go to http://localhost:8000/website, the request is received without warnings
  3. Go to http://localhost:8000/website?test=../etc, the request is intercepted and returned with 403 Forbidden by owasp/modsecurity

How it works

This is a very simple plugin that proxies each request to the owasp/modsecurity Apache container.

Before forwarding the request to the real service, the plugin checks that the response from the WAF container does not have an HTTP status code > 400.

If the code is > 400, the WAF's error page is returned instead.

The dummy service exists so that the WAF container has a service to forward the request to, one that always responds with 200 OK.
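The gate described above, sketched as a standard net/http middleware. This is an added example, not the plugin's own code. The names wafGate and check, the stand-in WAF rule, and the choice to fail closed when the WAF is unreachable are assumptions.

```go
package main

import (
	"bytes"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
)

// wafGate (hypothetical name) replays each request to wafURL before calling next.
func wafGate(wafURL string, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		body, err := io.ReadAll(r.Body) // buffered: the body is sent twice
		probe, perr := http.NewRequestWithContext(r.Context(), r.Method, wafURL+r.URL.RequestURI(), bytes.NewReader(body))
		if err != nil || perr != nil {
			http.Error(w, "cannot replay request", http.StatusBadRequest)
			return
		}
		probe.Header = r.Header.Clone() // the WAF must see the same headers
		resp, err := http.DefaultClient.Do(probe)
		if err != nil { // assumption: fail closed when the WAF is unreachable
			http.Error(w, "WAF unreachable", http.StatusBadGateway)
			return
		}
		defer resp.Body.Close()
		if resp.StatusCode > 400 { // threshold as stated in the README
			w.WriteHeader(resp.StatusCode)
			io.Copy(w, resp.Body) // return the WAF's error page
			return
		}
		r.Body = io.NopCloser(bytes.NewReader(body)) // restore body for the real service
		next.ServeHTTP(w, r)
	})
}

func check(target string) (int, string) { // constructed stand-in WAF and backend
	waf := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.URL.Query().Get("test") == "../etc" { // constructed rule for the README demo
			http.Error(w, "Forbidden", http.StatusForbidden)
		} // otherwise 200 OK, like the dummy service behind the real WAF
	}))
	defer waf.Close()
	backend := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { fmt.Fprint(w, "backend") })
	rec := httptest.NewRecorder()
	wafGate(waf.URL, backend).ServeHTTP(rec, httptest.NewRequest("GET", target, nil))
	return rec.Code, rec.Body.String()
}

func main() { fmt.Println(check("/website?test=../etc")) }
```

Because the request body is read into memory so it can be sent to both the WAF and the real service, a production gate would also need a size limit on that read.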

Local development (docker-compose.local.yml)

See docker-compose.local.yml

Run docker-compose -f docker-compose.local.yml up to load the local plugin.

License: Apache License 2.0


Languages

Go 89.8%, JavaScript 10.2%