Coraza

Coraza is a web application firewall engine designed to filter malicious HTTP traffic using standardized security directives. It functions as a library for embedding request filtering and security transaction processing directly into web servers or reverse proxies.

The engine implements the ModSecurity WAF engine and the OWASP Core Rule Set to identify and block common web attack patterns. It utilizes a library-first integration model, allowing security capabilities to be embedded into a host process as a dependency rather than running as a standalone proxy.

The project covers rule-based pattern matching and traffic inspection through a middleware-based request pipeline. It includes capabilities for geographic traffic filtering via plugins and provides a sandbox environment for validating security rules and verifying deployments before production use.

Features

Web Application Firewalls - Provides a web application firewall engine that filters malicious HTTP traffic using standardized security directives and the OWASP Core Rule Set.

Web Application Firewalls - Provides a web application firewall engine that filters HTTP traffic using the ModSecurity rule set and security directives.

Security Middleware Integrations - Provides the ability to embed security filtering directly into reverse proxies and HTTP servers via plugins or middleware.

HTTP Traffic Inspection - Inspects incoming requests using security policy directives to block or allow traffic based on specific criteria.

Reverse Proxy Security - Embeds security filtering into HTTP proxies to block threats before they reach backend application servers.

Backend Security Middleware - Integrates request filtering directly into a program as a library to handle security logic within the application code.

Standard Security Rule Sets - Applies the OWASP Core Rule Set to identify and block common web attack patterns.

WAF Rule Set Implementations - Implements a common format for security policies to ensure compatibility with industry-standard web application firewall rules.

Library-First Integration Patterns - Implements a library-first integration model that embeds the security engine directly into the host process as a dependency.

Request Pattern Matching - Evaluates request data against a set of predefined security directives using regular expressions and logic operators.

Security Rule Sandboxes - Runs security directives in an isolated environment to verify their behavior without affecting live production traffic.

Middleware-Based Request Pipelines - Processes incoming HTTP transactions through a modular chain of sequential filters to determine if a request should be blocked.

Rule Validation - Tests and verifies security policy behavior in a sandbox environment before deploying rules to a production server.

Security Rule Validation Tools - Provides a dedicated testing engine and sandbox interface to verify the behavior and correctness of security rules.

Plugin-Based Architectures - Extends core filtering capabilities by loading external modules at runtime for tasks like geographic lookups or custom logging.

End-to-End Testing - Enables end-to-end testing against live deployments to confirm the security layer responds correctly to specific HTTP patterns.

Security And Privacy - Web application firewall library.

corazawafcoraza

Features

Star history