We are unsing the ModSecurity-Annotation in our ingress-nginx-controller. We are using the OWAP-Core-Ruleset included with the modsecurity-snipped annotation: enable-modsecurity: "true" modsecurity-snippet: | Include /etc/nginx/owasp-modsecurity-crs/nginx-modsecurity.conf We've customized several rules and it works well. For some reason our last rule (allowing text/plain)…
their is an ALB associated with WAF. This ALB will be called by both public and other internal IPs. I have enabled GEO Matching rule to allow only ["US"] calls. but the internal private IP don't get labelled with any…
I'm using a ModSecurity WAF for my application that is defined within a k8s ingress. The configuration looks like this: nginx.ingress.kubernetes.io/enable-owasp-core-rules: "true" nginx.ingress.kubernetes.io/enable-modsecurity: "true" nginx.ingress.kubernetes.io/modsecurity-snippet: | SecAuditEngine RelevantOnly SecRuleEngine On SecAuditLogParts AZ SecAuditLog /dev/stdout SecAuditLogFormat JSON SecRequestBodyAccess On SecRequestBodyLimit 104857600…
I want to create a Rate limiting AWS WAF rule for my frontend application, I don't know how much threshold should I need to give because when page loads there is around 50 internal calls happening. Say 5000 people opening…
I created a Standard tier Front Door with the necessary Azure WAF with default configurations. If I do this: Test-NetConnection -ComputerName "<frontdoorurl>-dev-xxxxxx.z01.azurefd.net" -Port 80 ComputerName : <frontdoorurl>-dev-xxxxxx.z01.azurefd.net RemoteAddress : xxxx:xxx:xx:x::xx RemotePort : 80 InterfaceAlias : Ethernet 7 SourceAddress : xxxx:xxxx:xx:xxx:xxxx:xxxx:xxx:xxxx…
I tried to create waf web acl using below terraform script with the region of one of my aws account (abc) as ap-southeast-1 in .aws/config file, But getting below error after applying it. whereas Same script created waf web acl…
I'm working on a WAF policy. Currently, the WAF is on detection mode and I've been creating exclusions and identifying false positives etc. There is one rule I'm struggling to implement and it concerns RFI. Specifically this: Rule ID: 931130…
I'm trying to activate a new Plesk license on a CentOS instance on Google Cloud Platform Compute Engine instance. On the Plesk activation screen, I add my activation code and then receive this error: cURL cannot communicate with license server…