pretecno/crowdsec-bouncer-traefik-plugin
3
0
Fork 0
mirror of https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin.git synced 2025-11-08 15:15:05 +01:00
Code Issues Packages Releases Activity
Files
b68c692ed14d0a0e8d3f45c88b1f143a576404cd
crowdsec-bouncer-traefik-pl…/examples/appsec-enabled/README.md
maxlerebourg b68c692ed1 add support for appsec in crowdsec (#123) 
*  add support for appsec in crowdsec

* 🐛 lint

* 🐛 fix lint

* 🐛 fix lint

* 🐛 fix lint

* fix: comments

* 🐛 lint and doc

* 🐛 fix comment and lint

* 📝 Start documentation for appsec with exemple

* 📝 Fix readme typos and update example

* 🚨 Fix Lint

---------

Co-authored-by: Mathieu Hanotaux <mathieu@hanotaux.fr>
2024-01-24 14:11:34 +01:00

876 B
Raw Blame History

Example

Enabling AppSec WAF feature from crowdsec

You mostly need to configure Crowdsec for this to work by enabling virtual patching and configuring some custom rules. In the example we use a whoami container protected by crowdsec with virtual patching enabled.

The Traefik instance just needs to know where appsec engine is located

  labels:
      
      - "traefik.http.middlewares.crowdsec-bar.plugin.bouncer.crowdsecappsecenabled=true"
      - "traefik.http.middlewares.crowdsec-bar.plugin.bouncer.crowdsecappsechost=crowdsec:7422"

We can try to query normally the whoami server:

curl http://localhost:8000/foo

And then we verify that a malicious request will be blocked:

curl http://localhost:8000/foo/rpc2

You should get a 403 on http://localhost:8000/foo/rpc2

To play the demo environment run:

make run_appsec
Reference in New Issue View Git Blame Copy Permalink