Custom coraza/crs rules per host/ingress
Hello all!
I'm using Crowdsec with traefik in kubernetes. Very simply, is a way to apply different appsec/coraza rules per ingress?
For instance in my current setup, if I hit test.example.com it routes through traefik, which uses a traefik middleware plugin to pass the traffik to coraza. That coraza middleware contains custom rules for that specific ingress. It looks like this:
With Crowdsec, I see how I could use a pre_eval filter to remove Coraza rules by host, something like this:
However, I don't see how to define more complicated coraza rules, e.g. using an apply action to point to specific inband_rules, such as these:
I tried creating a custom config and ruleset (including mapping it in as a configmap into the right location). The custom config works fine, but again, I don't see a way to apply the example custom rules per ingress.
This is the final blocker for me to move from Coraza to Crowdsec, I would really appreciate any advice on how to accomplish this. Thanks!
I'm using Crowdsec with traefik in kubernetes. Very simply, is a way to apply different appsec/coraza rules per ingress?
For instance in my current setup, if I hit test.example.com it routes through traefik, which uses a traefik middleware plugin to pass the traffik to coraza. That coraza middleware contains custom rules for that specific ingress. It looks like this:
With Crowdsec, I see how I could use a pre_eval filter to remove Coraza rules by host, something like this:
However, I don't see how to define more complicated coraza rules, e.g. using an apply action to point to specific inband_rules, such as these:
I tried creating a custom config and ruleset (including mapping it in as a configmap into the right location). The custom config works fine, but again, I don't see a way to apply the example custom rules per ingress.
This is the final blocker for me to move from Coraza to Crowdsec, I would really appreciate any advice on how to accomplish this. Thanks!
