- Joined
- Jan 8, 2019
- Messages
- 56,605
- Solutions
- 2
- Reputation
- 32
- Reaction score
- 100,451
- Points
- 2,313
- Credits
- 32,570
6 Years of Service
76%
Welcome to OWASP Coraza WAF, Coraza is a golang enterprise-grade Web Application Firewall framework that supports Modsecurity’s seclang language and is 100% compatible with OWASP Core Ruleset.
Coraza v2 differences with v1
Full internal API refactor, public API has not changed
Full audit engine refactor with plugins support
New enhanced plugins interface for transformations, actions, body processors, and operators
We are fully compliant with Seclang from modsecurity v2
Many features were removed and transformed into plugins: XML (Mostly), GeoIP, and PCRE regex
Better debug logging
New error logging (like modsecurity)
Why Coraza WAF?
Philosophy
Simplicity: Anyone should be able to understand and modify Coraza WAF’s source code
Extensibility: It should be easy to extend Coraza WAF with new functionalities
Innovation: Coraza WAF isn’t just a ModSecurity port. It must include awesome new functions (in the meantime, it’s just a port
)Community: Coraza WAF is a community project, and all ideas will be considered