Coraza WAF Gin-gonic middleware

This is a test middleware for Ginonic powered by Coraza Web Application Firewall. You may check the WAF documentation at coraza.io

Looking for contributors and testers.

Important

If you are running Coraza without the CGO dependencies (libinjection and libpcre), first set CGO_ENABLED to 0:

export CGO_ENABLED=0

How to use

import(
    //...
    coraza"github.com/jptosso/coraza-waf"
    "github.com/jptosso/coraza-waf/seclang"
    corazagin"github.com/jptosso/coraza-gin"
)
func main() {
    // Creates a router without any middleware by default
    r := gin.New()
    waf := coraza.NewWaf()
    parser := seclang.NewParser(waf)
    //parser.FromString(`#... some rules`)
    r.Use(corazagin.Coraza(waf))

    // Per route middleware, you can add as many as you desire.
    r.GET("/mypath", MyFunction(), Endpoint)

    // Listen and serve on 0.0.0.0:8080
    r.Run(":8080")
}
Owner
Juan Pablo Tosso
I like computers. I really do.
Juan Pablo Tosso
https://github.com/jptosso/coraza-gin
Similar Resources

GO API with Gin Gonic with postgresql using gorp

GO API with Gin Gonic with postgresql using gorp Tips: Make sure you have project in src folder of $GOPATH Also, iniitalize go mod init project-name a

Jul 28, 2022

Implementation of clean architecture in golang with gin-gonic & gorm

Boilerplate API Boilerplate API template includes all the common packages and setup used for API development in this Company. Development Copy .env.ex

Feb 15, 2022

A high performance gin middleware to cache http response. Compared to gin-contrib/cache, It has a huge performance improvement. 高性能gin缓存中间件,相比于官方版本,有明显性能提升。

A high performance gin middleware to cache http response. Compared to gin-contrib/cache, It has a huge performance improvement. 高性能gin缓存中间件,相比于官方版本,有明显性能提升。

A high performance gin middleware to cache http response. Compared to gin-contrib/cache. It has a huge performance improvement.

Dec 28, 2022

Gin-cache - Gin cache middleware with golang

Gin-cache - Gin cache middleware with golang

Nov 28, 2022

A web-based testing platform for WAF (Web Application Firewall)'s correctness

WAFLab 🐾 WAFLab is a web-based platform for testing WAFs. Live Demo https://waflab.org/ Architecture WAFLab contains 2 parts: Name Description Langua

Oct 25, 2022

Akuma Scan comes with the purpose of scanning/detecting WAF (Web Application Firewall) on a certain website. Made to be easy, accurate and agile.

.m. ,_ ' ;M; ,;m ` ;M;.

Mar 21, 2022

A service which updates the WAF IP blocklist

autowaf A service which updates the WAF IP blocklist Development Project is currently in development phase. Build Build and run locally go build -o au

Nov 8, 2021

Api-waf-example-cdk - Demo using sam to drive a CDK serverless api

CDK SAM Demo Demo using sam to drive a CDK serverless api Stack Setup go build -

Feb 5, 2022

OAuth 2.0 middleware service for chi (ported from gin by community member)

oauth middleware OAuth 2.0 Authorization Server & Authorization Middleware for go-chi This library was ported to go-chi from https://github.com/maxzer

Dec 8, 2022

URL Rewrite middleware for gin

Url Rewrite middleware for gin Example In this exable these urls use the same route http://localhost:1234/test-me http://localhost:1234/index.php/test

Sep 15, 2022

Gin middleware/handler to enable CORS support.

wcors Gin middleware/handler to enable CORS support. Usage Start using it Download and install it: go get github.com/wyy-go/wcors Import it in your co

Jan 8, 2022

Gin middleware for session.

wsession Gin middleware for session management with multi-backend support: cookie-based Redis memstore Usage Start using it Download and install it: g

Jan 9, 2022

Gin Middleware to extract json tag value from playground validator's errors validation

Json Tag Extractor for Go-Playground Validator This is Gin Middleware that aim to extract json tag and than store it to FieldError.Field() object. Ins

Jan 14, 2022

Gin adapter for standard net/http middleware

midgin An adapter to use standard net/http middleware in Gin. Overview Gin is a very capable web framework, but it does not directly support standard

Feb 12, 2022

gin auto binding,grpc, and annotated route,gin 注解路由, grpc,自动参数绑定工具

gin auto binding,grpc, and annotated route,gin 注解路由, grpc,自动参数绑定工具

中文文档 Automatic parameter binding base on go-gin doc Golang gin automatic parameter binding Support for RPC automatic mapping Support object registrati

Jan 3, 2023

Gin is a HTTP web framework written in Go (Golang). It features a Martini-like API with much better performance -- up to 40 times faster. If you need smashing performance, get yourself some Gin.

Gin is a HTTP web framework written in Go (Golang). It features a Martini-like API with much better performance -- up to 40 times faster. If you need smashing performance, get yourself some Gin.

Gin Web Framework Gin is a web framework written in Go (Golang). It features a martini-like API with performance that is up to 40 times faster thanks

Jan 2, 2023

Gin best practices, gin development scaffolding, too late to explain, get on the bus.

Table of Contents generated with DocToc gin_scaffold 现在开始 文件分层 log / redis / mysql / http.client 常用方法 swagger文档生成 gin_scaffold Gin best practices, gin

Dec 27, 2022

Swagger + Gin = SwaGin, a web framework based on Gin and Swagger

Swagger + Gin = SwaGin, a web framework based on Gin and Swagger

Swagger + Gin = SwaGin Introduction SwaGin is a web framework based on Gin and Swagger, which wraps Gin and provides built-in swagger api docs and req

Dec 30, 2022

Swagger + Gin = SwaGin, a web framework based on Gin and Swagger

Swagger + Gin = SwaGin, a web framework based on Gin and Swagger

Swagger + Gin = SwaGin Introduction SwaGin is a web framework based on Gin and Swagger, which wraps Gin and provides built-in swagger api docs and req

Dec 30, 2022
Comments
  • Upgrade deps, change to new upstream repo

    Upgrade deps, change to new upstream repo

    Upgraded dependencies and changed the upstream to corazawaf/coraza repository.

    Have you thought of migrating this repo under the corazawaf organization?

  • When a request hits the configured rule, perhaps we should interrupt it

    When a request hits the configured rule, perhaps we should interrupt it

    change c.JSON(http.StatusForbidden, gin.H{"status": "interrupted", "transaction": tx.ID}) to c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"status": "interrupted", "transaction": tx.ID})

Related tags
Security middleware waf gin-gonic
Coraza WAF is a golang modsecurity compatible web application firewall library
 Coraza WAF is a golang modsecurity compatible web application firewall library

Coraza Web Application Firewall, this project is a Golang port of ModSecurity with the goal to become the first enterprise-grade Open Source Web Application Firewall, flexible and powerful enough to serve as the baseline for many projects.

Jan 9, 2023
A web-based testing platform for WAF (Web Application Firewall)'s correctness

WAFLab ?? WAFLab is a web-based platform for testing WAFs. Live Demo https://waflab.org/ Architecture WAFLab contains 2 parts: Name Description Langua

Oct 25, 2022
Akuma Scan comes with the purpose of scanning/detecting WAF (Web Application Firewall) on a certain website. Made to be easy, accurate and agile.

.m. ,_ ' ;M; ,;m ` ;M;.

Mar 21, 2022
HTTP middleware for Go that facilitates some quick security wins.

Secure Secure is an HTTP middleware for Go that facilitates some quick security wins. It's a standard net/http Handler, and can be used with many fram

Jan 3, 2023
Package csrf is a middleware that generates and validates CSRF tokens for Flamego

csrf Package csrf is a middleware that generates and validates CSRF tokens for Flamego.

Nov 25, 2022
Coraza Server is the most ambitious implementation of Coraza WAF

Coraza Server is the most ambitious implementation of Coraza WAF, it's designed to integrate with systems written in different languages, like C, using multiple protocols like SPOA, REST and GRPC.

Dec 29, 2022
Coraza WAF is a golang modsecurity compatible web application firewall library
 Coraza WAF is a golang modsecurity compatible web application firewall library

Coraza Web Application Firewall, this project is a Golang port of ModSecurity with the goal to become the first enterprise-grade Open Source Web Application Firewall, flexible and powerful enough to serve as the baseline for many projects.

Jan 9, 2023
Gin-errorhandling - Gin Error Handling Middleware is a middleware for the popular Gin framework

Gin Error Handling Middleware Gin Error Handling Middleware is a middleware for

Sep 19, 2022
gin-gonic/gin metrics for prometheus.
gin-gonic/gin metrics for prometheus.

gin-metrics gin-gonic/gin metrics exporter for Prometheus. 中文 Introduction gin-metrics defines some metrics for gin http-server. There have easy way t

Jan 1, 2023
A single sign-on solution based on go-oauth2 / oauth2 and gin-gonic/gin

A single sign-on solution based on go-oauth2 / oauth2 and gin-gonic/gin

Nov 17, 2021