/coraza-coreruleset

Wrapper library to consume CRS in coraza without including files

Primary LanguageGoApache License 2.0Apache-2.0

Coraza Coreruleset

Usage

In order to use CRS, you need to load the coreruleset FileSystem:

import "github.com/corazawaf/coraza-coreruleset"

func main() {
    // ...
    waf, err := coraza.NewWAF(
        coraza.NewWAFConfig().
            WithDirectives("Include @owasp_crs/REQUEST-911-METHOD-ENFORCEMENT.conf").
            WithRootFS(coreruleset.FS),
    )
    // ...
}

You can also combine both CRS and your local files by combining the filesystems:

import (
    "github.com/corazawaf/coraza-coreruleset"
    "github.com/jcchavezs/mergefs"
    "github.com/jcchavezs/mergefs/io"
 )

// ...

func main() {
    // ...
    waf, err := coraza.NewWAF(
        coraza.NewWAFConfig().
            WithDirectives(`
                Include @owasp_crs/REQUEST-911-METHOD-ENFORCEMENT.conf
                Include my/local/rule.conf
            `).
            WithRootFS(mergefs.Merge(coreruleset.FS, io.OSFS)),
    )
    // ...
}

How to update to a newer CRS version

  1. Update the crsVersion constant in version.go with the wished CRS commit SHA.
  2. Run mage downloadCRS.
  3. Commit your changes.