coraza: pre-CRS Include for runtime per-host exemptions (load-order fix)
All checks were successful
Build and push coraza-spoa / Build-and-Push (push) Successful in 41s
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 54s

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-14 07:55:51 -07:00
parent 489290ed33
commit 6d43308073
3 changed files with 13 additions and 1 deletions

@@ -27,6 +27,14 @@ applications:
# the rule pack itself (~16 MB of rules embedded in the binary).
Include @coraza.conf-recommended
Include @crs-setup.conf.example
# Runtime-managed PRE-CRS exclusions written by WHP UI. Empty by default.
# Loaded BEFORE the CRS rules so per-host ctl:ruleRemoveById exemptions
# fire in phase:1 BEFORE the CRS rule they're trying to exempt would
# otherwise match. Server-wide overrides live in local-overrides.conf
# (loaded after CRS) instead.
Include /etc/coraza/pre-overrides.conf
Include @owasp_crs/*.conf
# WHP-specific overrides — day-one enforce list, plus tuning for
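Review bot: `Include /etc/coraza/pre-overrides.conf` is a literal path, not a glob like `@owasp_crs/*.conf`, so "Empty by default" only holds if something creates the file before the WAF starts, and nothing in this hunk shows that. Please confirm that one of the other changed files ships or creates an empty pre-overrides.conf, so a fresh deployment does not depend on the UI having written it first. The comment could also say that the UI-written rules must declare phase:1 themselves and carry a host condition: load order only orders rules within a phase, and an unscoped `ctl:ruleRemoveById` in this file would apply to every host rather than being a per-host exemption.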
@@ -34,7 +42,7 @@ applications:
# to see exactly what blocks vs what's detect-only.
Include /etc/coraza/overrides.conf
# Runtime-managed overrides written by WHP UI. Empty by default.
# Runtime-managed POST-CRS overrides written by WHP UI. Empty by default.
Include /etc/coraza/local-overrides.conf
# Global mode: log all alerts, block only what overrides.conf
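Review bot: The reworded comment above `Include /etc/coraza/local-overrides.conf` says "POST-CRS" but not what belongs there, and overrides.conf one line earlier is also loaded after the CRS rules, so the label alone does not tell an operator which of the three files to use. Suggest mirroring the wording from the pre-overrides.conf comment: state that this file holds the server-wide overrides and that per-host `ctl:ruleRemoveById` exemptions go in pre-overrides.conf, so an exemption is not placed here where it would load after the CRS rules it targets.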