reformat caddyfiles, userfriendly console format for the example

corazawaf · Sep 26, 2023 · e9d6b8a · e9d6b8a
1 parent 79754fb
commit e9d6b8a
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 33 deletions.
diff --git a/e2e/Caddyfile b/e2e/Caddyfile
@@ -1,28 +1,28 @@
 {
-    debug
-    auto_https off
-    order coraza_waf first
+	debug
+	auto_https off
+	order coraza_waf first
 }
 
 :8080 {
 	coraza_waf {
 		load_owasp_crs
 		directives `
-			SecRuleEngine On
-			SecRequestBodyAccess On			
-			SecResponseBodyMimeType application/json
-			# Custom rule for Coraza config check (ensuring that these configs are used)
-			SecRule &REQUEST_HEADERS:coraza-e2e "@eq 0" "id:100,phase:1,deny,status:424,log,msg:'Coraza E2E - Missing header'"
-			# Custom rules for e2e testing
-			SecRule REQUEST_URI "@streq /admin" "id:101,phase:1,t:lowercase,log,deny,status:403"
-			SecRule REQUEST_BODY "@rx maliciouspayload" "id:102,phase:2,t:lowercase,log,deny,status:403"
-			SecRule RESPONSE_HEADERS:pass "@rx leak" "id:103,phase:3,t:lowercase,log,deny,status:403"
-			SecRule RESPONSE_BODY "@contains responsebodycode" "id:104,phase:4,t:lowercase,log,deny,status:403"
-			# Custom rules mimicking the following CRS rules: 941100, 942100, 913100
-			SecRule ARGS_NAMES|ARGS "@detectXSS" "id:9411,phase:2,t:none,t:utf8toUnicode,t:urlDecodeUni,t:htmlEntityDecode,t:jsDecode,t:cssDecode,t:removeNulls,log,deny,status:403"
-			SecRule ARGS_NAMES|ARGS "@detectSQLi" "id:9421,phase:2,t:none,t:utf8toUnicode,t:urlDecodeUni,t:removeNulls,multiMatch,log,deny,status:403"
-			SecRule REQUEST_HEADERS:User-Agent "@pm grabber masscan" "id:9131,phase:1,t:none,log,deny,status:403"
-			SecResponseBodyAccess On
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyMimeType application/json
+		# Custom rule for Coraza config check (ensuring that these configs are used)
+		SecRule &REQUEST_HEADERS:coraza-e2e "@eq 0" "id:100,phase:1,deny,status:424,log,msg:'Coraza E2E - Missing header'"
+		# Custom rules for e2e testing
+		SecRule REQUEST_URI "@streq /admin" "id:101,phase:1,t:lowercase,log,deny,status:403"
+		SecRule REQUEST_BODY "@rx maliciouspayload" "id:102,phase:2,t:lowercase,log,deny,status:403"
+		SecRule RESPONSE_HEADERS:pass "@rx leak" "id:103,phase:3,t:lowercase,log,deny,status:403"
+		SecRule RESPONSE_BODY "@contains responsebodycode" "id:104,phase:4,t:lowercase,log,deny,status:403"
+		# Custom rules mimicking the following CRS rules: 941100, 942100, 913100
+		SecRule ARGS_NAMES|ARGS "@detectXSS" "id:9411,phase:2,t:none,t:utf8toUnicode,t:urlDecodeUni,t:htmlEntityDecode,t:jsDecode,t:cssDecode,t:removeNulls,log,deny,status:403"
+		SecRule ARGS_NAMES|ARGS "@detectSQLi" "id:9421,phase:2,t:none,t:utf8toUnicode,t:urlDecodeUni,t:removeNulls,multiMatch,log,deny,status:403"
+		SecRule REQUEST_HEADERS:User-Agent "@pm grabber masscan" "id:9131,phase:1,t:none,log,deny,status:403"
+		SecResponseBodyAccess On
 		`
 	}
 	reverse_proxy {$HTTPBIN_HOST:localhost}:8081

diff --git a/example/Caddyfile b/example/Caddyfile
@@ -1,25 +1,29 @@
 {
-    debug
-    auto_https off
-    order coraza_waf first
+	debug
+	auto_https off
+	order coraza_waf first
+	log {
+		format console
+		level info
+	}
 }
 
 :8080 {
 	coraza_waf {
 		load_owasp_crs
 		directives `
-			Include @coraza.conf-recommended
-			Include @crs-setup.conf.example
-			Include @owasp_crs/*.conf
-			SecRuleEngine On
-			SecDebugLog /dev/stdout
-			SecDebugLogLevel 9
-		    SecRule REQUEST_URI "@streq /admin" "id:101,phase:1,t:lowercase,deny,status:403"
-			SecRule REQUEST_BODY "@rx maliciouspayload" "id:102,phase:2,t:lowercase,deny,status:403"
-			SecRule RESPONSE_HEADERS::status "@rx 406" "id:103,phase:3,t:lowercase,deny,status:403"
-			SecResponseBodyAccess On
-			SecResponseBodyMimeType application/json
-			SecRule RESPONSE_BODY "@contains responsebodycode" "id:104,phase:4,t:lowercase,deny,status:403"
+		Include @coraza.conf-recommended
+		Include @crs-setup.conf.example
+		Include @owasp_crs/*.conf
+		SecRuleEngine On
+		SecDebugLog /dev/stdout
+		SecDebugLogLevel 9
+		SecRule REQUEST_URI "@streq /admin" "id:101,phase:1,t:lowercase,deny,status:403"
+		SecRule REQUEST_BODY "@rx maliciouspayload" "id:102,phase:2,t:lowercase,deny,status:403"
+		SecRule RESPONSE_HEADERS::status "@rx 406" "id:103,phase:3,t:lowercase,deny,status:403"
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType application/json
+		SecRule RESPONSE_BODY "@contains responsebodycode" "id:104,phase:4,t:lowercase,deny,status:403"
 		`
 	}
 	reverse_proxy {$HTTPBIN_HOST:localhost}:8081