Caddy and Coraza is a service and it is built from a Dockerfile
```
docker compose up -d
```
c. Dockerfile:
```dockerfile
FROM caddy:builder AS builder
RUN xcaddy build \
    --with github.com/corazawaf/coraza-caddy \
    --with github.com/caddy-dns/gandi

FROM caddy:alpine
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
RUN set -eux; \
    apk add --no-cache libcap tzdata; \
    setcap cap_net_bind_service=ep /usr/bin/caddy; \
    addgroup -g 2023 -S www-caddy; \
    adduser -u 2023 -D -S -G www-caddy www-caddy; \
    chown -R www-caddy /data /var/log
USER www-caddy
WORKDIR /srv
CMD ["/usr/bin/caddy", "run", "--config", "/Caddyfile", "--adapter", "caddyfile"]
```
d. My complete Caddy config:
```
{
    order coraza_waf first
    persist_config off
    log {
        level INFO
        output file /var/log/caddy/caddy.log
    }
    servers {
        timeouts {
            idle 10s
            read_body 1m
            read_header 10s
        }
        max_header_size 4KB
    }
}

# Default server block that will respond with a "Not found" message for all requests to port 443
:443 {
    log
    respond "Not found" 404
}

# Default server block that will respond with a "Not found" message for all requests to port 80
:80 {
    log
    respond "Not found" 404
}

{$DOMAIN} {
    log
    coraza_waf {
        directives `
            Include /ruleset/coraza.conf
            Include /ruleset/vaultwarden/crs-setup.conf
            Include /ruleset/coreruleset/rules/*.conf
        `
    }
    request_body {
        max_size 100MB
    }
    # Handle vaultwarden sends with file upload.
    @not-api not path /api/sends/*
    request_body @not-api {
        max_size 100KB
    }
    encode gzip
    tls {
        dns gandi {$GANDI_API_KEY}
    }
    # By default, Vaultwarden actually handles a lot of web security headers and caching.
    header {
        Strict-Transport-Security "max-age=15768000;"
        Referrer-Policy "no-referrer"
        X-Robots-Tag "none"
    }
    @insecureadmin {
        not remote_ip 192.168.1.0/24
        path /admin*
    }
    redir @insecureadmin /
    reverse_proxy vaultwarden:60278 {
        header_up X-Real-IP {remote_host}
    }
}
```
e. CRS version:
from crs-setup.conf: tx.crs_setup_version=400
1. The problem I'm having:
Hello,
We don't have the value of the msg field in the anomaly score log which has the rule id 980170.
This was already reported and fixed in #684.
2. Expected behavior:
We should have a log like this one.
3. Actual behavior - Error messages and/or full log output:
Actually the rule 980170 is triggered but we have no msg.
4. Caddy version:
5. How I installed and ran Caddy and Coraza:
a. System environment:
I'm using a Raspberry Pi 4B
Docker version
b. Command:
Caddy and Coraza is a service and it is built from a Dockerfile