chore: upgrades to latest coraza to include SecRuleRemoveByTag docume…

…ntation. (#242)
corazawaf · Feb 5, 2024 · 0ef5a4f · 0ef5a4f
1 parent 445b41f
commit 0ef5a4f
Show file tree

Hide file tree

Showing 3 changed files with 55 additions and 6 deletions.
diff --git a/content/docs/seclang/directives.md b/content/docs/seclang/directives.md
@@ -3,7 +3,7 @@ title: "Directives"
 Description: "The following section outlines all of the Coraza directives. "
 lead: "The following section outlines all of the Coraza directives. "
 date: 2020-10-06T08:48:57+00:00
-lastmod: "2023-06-09T11:28:40+02:00"
+lastmod: "2024-02-05T09:55:41+01:00"
 draft: false
 images: []
 menu:
@@ -46,6 +46,21 @@ This directive is commonly used to set variables and initialize persistent colle
 SecAction "nolog,phase:1,initcol:RESOURCE=%{REQUEST_FILENAME}"
 ```
 
+## SecArgumentsLimit
+
+**Description:** Configures the maximum number of ARGS that will be accepted for processing.
+
+**Syntax:** `SecArgumentsLimit [LIMIT]`
+
+**Default:** `1000`
+
+Exceeding the limit will not be included.
+With JSON body processing, there is nothing to do when exceed the limit.
+**Example:**
+```apache
+SecArgumentsLimit 1000
+```
+
 ## SecAuditEngine
 
 **Description:** Configures the audit logging engine.
@@ -427,4 +442,21 @@ The possible values are:
 **Syntax:** `SecRuleRemoveById ...[ID OR RANGE]`
 
 
+## SecRuleRemoveByTag
+
+**Description:** Removes the matching rules from the current configuration context.
+
+**Syntax:** `SecRuleRemoveByTag [TAG]`
+
+Normally, you would use [`SecRuleRemoveById`](#secruleremovebyid) to remove rules, but it may occasionally
+be easier to disable an entire group of rules with [`SecRuleRemoveByTag`](#secruleremovebytag). Matching is
+by case-sensitive string equality.
+
+**Example:**
+```apache
+SecRuleRemoveByTag attack-dos
+```
+
+**Note:** OWASP CRS has a list of supported tags https://coreruleset.org/docs/rules/metadata/
+
 
diff --git a/go.mod b/go.mod
@@ -3,16 +3,17 @@ module github.com/corazawaf/coraza.io
 go 1.19
 
 require (
-	github.com/corazawaf/coraza/v3 v3.0.0
+	github.com/corazawaf/coraza/v3 v3.0.5-0.20240205085451-fc71a09e809b
 	github.com/magefile/mage v1.15.0
 )
 
 require (
-	github.com/corazawaf/libinjection-go v0.1.2 // indirect
-	github.com/petar-dambovaliev/aho-corasick v0.0.0-20211021192214-5ab2d9280aa9 // indirect
-	github.com/tidwall/gjson v1.14.4 // indirect
+	github.com/corazawaf/libinjection-go v0.1.3 // indirect
+	github.com/petar-dambovaliev/aho-corasick v0.0.0-20230725210150-fb29fc3c913e // indirect
+	github.com/tidwall/gjson v1.17.0 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
-	golang.org/x/net v0.10.0 // indirect
+	golang.org/x/net v0.20.0 // indirect
+	golang.org/x/sync v0.6.0 // indirect
 	rsc.io/binaryregexp v0.2.0 // indirect
 )
diff --git a/go.sum b/go.sum
@@ -1,15 +1,27 @@
 github.com/corazawaf/coraza/v3 v3.0.0 h1:GvTzxcgtfQ76LneYL19Nkb1/T+2E/s3BRAOEt6h2sY0=
 github.com/corazawaf/coraza/v3 v3.0.0/go.mod h1:MjV/iyO+B+JcVEWUJi4O2r1sfHeFzlF28MnvAqWfea0=
+github.com/corazawaf/coraza/v3 v3.0.4 h1:Llemgoh0hp2NggCwcWN8lNiV4Pfe+AWzf1oEcasT234=
+github.com/corazawaf/coraza/v3 v3.0.4/go.mod h1:3fTYjY5BZv3nezLpH6NAap0gr3jZfbQWUAu2GF17ET4=
+github.com/corazawaf/coraza/v3 v3.0.5-0.20240205081452-e5fae9f78d28 h1:Was3LvnqKoVUeH9Rc9yzG/Q2iB/L7QA0cIMpEjW9Tw0=
+github.com/corazawaf/coraza/v3 v3.0.5-0.20240205081452-e5fae9f78d28/go.mod h1:I7usXIDZaMdBqAW36vtPagZzMBK6W5StZUbnbRSR4RY=
+github.com/corazawaf/coraza/v3 v3.0.5-0.20240205085451-fc71a09e809b h1:tXH1yUNH3ME81zBuonCSv2AhZFCQ0UMqjQ2xgSP3m+o=
+github.com/corazawaf/coraza/v3 v3.0.5-0.20240205085451-fc71a09e809b/go.mod h1:I7usXIDZaMdBqAW36vtPagZzMBK6W5StZUbnbRSR4RY=
 github.com/corazawaf/libinjection-go v0.1.2 h1:oeiV9pc5rvJ+2oqOqXEAMJousPpGiup6f7Y3nZj5GoM=
 github.com/corazawaf/libinjection-go v0.1.2/go.mod h1:OP4TM7xdJ2skyXqNX1AN1wN5nNZEmJNuWbNPOItn7aw=
+github.com/corazawaf/libinjection-go v0.1.3 h1:PUplAYho1BBl0tIVbhDsNRuVGIeUYSiCEc9oQpb2rJU=
+github.com/corazawaf/libinjection-go v0.1.3/go.mod h1:OP4TM7xdJ2skyXqNX1AN1wN5nNZEmJNuWbNPOItn7aw=
 github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI=
 github.com/magefile/mage v1.15.0 h1:BvGheCMAsG3bWUDbZ8AyXXpCNwU9u5CB6sM+HNb9HYg=
 github.com/magefile/mage v1.15.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A=
 github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA=
 github.com/petar-dambovaliev/aho-corasick v0.0.0-20211021192214-5ab2d9280aa9 h1:lL+y4Xv20pVlCGyLzNHRC0I0rIHhIL1lTvHizoS/dU8=
 github.com/petar-dambovaliev/aho-corasick v0.0.0-20211021192214-5ab2d9280aa9/go.mod h1:EHPiTAKtiFmrMldLUNswFwfZ2eJIYBHktdaUTZxYWRw=
+github.com/petar-dambovaliev/aho-corasick v0.0.0-20230725210150-fb29fc3c913e h1:POJco99aNgosh92lGqmx7L1ei+kCymivB/419SD15PQ=
+github.com/petar-dambovaliev/aho-corasick v0.0.0-20230725210150-fb29fc3c913e/go.mod h1:EHPiTAKtiFmrMldLUNswFwfZ2eJIYBHktdaUTZxYWRw=
 github.com/tidwall/gjson v1.14.4 h1:uo0p8EbA09J7RQaflQ1aBRffTR7xedD2bcIVSYxLnkM=
 github.com/tidwall/gjson v1.14.4/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
+github.com/tidwall/gjson v1.17.0 h1:/Jocvlh98kcTfpN2+JzGQWQcqrPQwDrVEMApx/M5ZwM=
+github.com/tidwall/gjson v1.17.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
 github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
 github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
 github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
@@ -18,6 +30,10 @@ github.com/tidwall/pretty v1.2.1/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhso
 golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8=
 golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
 golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
+golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
+golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
+golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
+golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU=
 golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM=
 rsc.io/binaryregexp v0.2.0 h1:HfqmD5MEmC0zvwBuF187nq9mdnXjXsSivRiXN7SmRkE=