Search the Community

Welcome to OWASP Coraza WAF, Coraza is a golang enterprise-grade Web Application Firewall framework that supports Modsecurity’s seclang language and is 100% compatible with OWASP Core Ruleset. Coraza v2 differences with v1 Full internal API refactor, public API has not changed Full audit engine refactor with plugins support New enhanced plugins interface for transformations, actions, body processors, and operators We are fully compliant with Seclang from modsecurity v2 Many features were removed and transformed into plugins: XML (Mostly), GeoIP, and PCRE regex Better debug logging New error logging (like modsecurity) Why Coraza WAF? Philosophy Simplicity: Anyone should be able to understand and modify Coraza WAF’s source code Extensibility: It should be easy to extend Coraza WAF with new functionalities Innovation: Coraza WAF isn’t just a ModSecurity port. It must include awesome new functions (in the meantime, it’s just a port 😅) Community: Coraza WAF is a community project, and all ideas will be considered [hide][Hidden Content]]