acouvreur / traefik-modsecurity-plugin

Traefik plugin to proxy requests to owasp/modsecurity-crs:apache container

Home Page:https://plugins.traefik.io/plugins/628c9eadffc0cd18356a9799/modsecurity-plugin

return 403 for blocked request

ljurk opened this issue

Hi,
thanks for your work, it's working great. I'm just curious why blocked requests get a response with the code 200. Only the body tells you that the request resulted in a 403. I would expect that a blocked request gets a 403 response.
Is this a design choice or are there technical difficulties in bypassing the HTTP code?

current state:

$ http get "http://localhost:8000/website?path=../etc"
... 200 OK ...

expectation:

$ http get "http://localhost:8000/website?path=../etc"
... 403 forbidden ...

Thanks:)
Lukas

Hi,
I have some more information on this issue. I tried to install this plugin locally, without traefik-pilot (see: https://traefik.io/blog/using-private-plugins-in-traefik-proxy-2-5/). And now it's working as expected. The response status_code is 403 for blocked requests.

problematic config (returns 200 for blocked requests):

- --pilot.token=XXX
- --experimental.plugins.traefik-modsecurity-plugin.modulename=github.com/acouvreur/traefik-modsecurity-plugin
- --experimental.plugins.traefik-modsecurity-plugin.version=v1.0.1

working config (returns 403 for blocked requests):
I've mounted your repository to /plugins-local/src/github.com/acouvreur/traefik-modsecurity-plugin inside the container and changed the command part inside docker-compose.yml:

- --experimental.localPlugins.traefik-modsecurity-plugin.modulename=github.com/acouvreur/traefik-modsecurity-plugin

My plan was anyway to use local plugins, so for me it's not a problem anymore.
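The status propagation the issue asks for, as an added Go example that is not the plugin's own code: a hypothetical middleware replays each request against a ModSecurity endpoint, passes a block through to the client with ModSecurity's own status (403 rather than a 200 whose body says 403), and fails closed when the WAF cannot be reached. The fake ModSecurity server, the backend handler and the request URLs are constructed for the demonstration.

```go
package main

import (
	"bytes"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)
// wafMiddleware replays each request against a ModSecurity endpoint (hypothetical stand-in for the
// plugin's logic, not its code). A non-2xx verdict is written with WriteHeader before any body is sent.
func wafMiddleware(modsecURL string, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		body, _ := io.ReadAll(r.Body)
		probe, _ := http.NewRequest(r.Method, modsecURL+r.URL.RequestURI(), bytes.NewReader(body))
		probe.Header = r.Header.Clone()
		resp, err := http.DefaultClient.Do(probe)
		if err != nil { // fail closed: without a verdict the request is not forwarded
			http.Error(w, "waf unavailable", http.StatusBadGateway)
			return
		}
		defer resp.Body.Close()
		if resp.StatusCode >= 400 {
			w.WriteHeader(resp.StatusCode) // propagate the block as a real status code
			io.Copy(w, resp.Body)
			return
		}
		r.Body = io.NopCloser(bytes.NewReader(body)) // body was consumed above; restore it
		next.ServeHTTP(w, r)
	})
}

// fakeModSecurity is a constructed stand-in for the owasp/modsecurity-crs container: 403 on traversal.
func fakeModSecurity(w http.ResponseWriter, r *http.Request) {
	if strings.Contains(r.URL.RawQuery, "../") {
		http.Error(w, "Forbidden", http.StatusForbidden)
		return
	}
	w.WriteHeader(http.StatusOK)
}

// statusFor sends one GET through the middleware and returns the status the client sees.
func statusFor(target string) int {
	modsec := httptest.NewServer(http.HandlerFunc(fakeModSecurity))
	defer modsec.Close()
	backend := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { io.WriteString(w, "ok") })
	rec := httptest.NewRecorder()
	wafMiddleware(modsec.URL, backend).ServeHTTP(rec, httptest.NewRequest("GET", target, nil))
	return rec.Code
}
```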