{"id":22070978,"url":"https://github.com/vshn/waf-tool","last_synced_at":"2025-07-24T08:36:31.157Z","repository":{"id":37023017,"uuid":"235804193","full_name":"vshn/waf-tool","owner":"vshn","description":"Helper tool to generate ModSecurity rule exclusions","archived":false,"fork":false,"pushed_at":"2024-11-18T22:10:33.000Z","size":241,"stargazers_count":5,"open_issues_count":14,"forks_count":1,"subscribers_count":5,"default_branch":"master","last_synced_at":"2024-11-18T23:21:03.410Z","etag":null,"topics":["modsecurity","tuning","vshn-project-ignore"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vshn.png","metadata":{"files":{"readme":"README.adoc","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-01-23T13:49:25.000Z","updated_at":"2024-01-10T12:53:41.000Z","dependencies_parsed_at":"2024-01-17T22:48:37.414Z","dependency_job_id":"6c37561f-b8f4-4d2b-96d5-92c566ff3f86","html_url":"https://github.com/vshn/waf-tool","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vshn%2Fwaf-tool","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vshn%2Fwaf-tool/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vshn%2Fwaf-tool/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vshn%2Fwaf-tool/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vshn","download_url":"https://codeload.github.com/vshn/waf-tool/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":227423673,"owners_count":17775207,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["modsecurity","tuning","vshn-project-ignore"],"created_at":"2024-11-30T20:20:50.397Z","updated_at":"2024-11-30T20:20:52.540Z","avatar_url":"https://github.com/vshn.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"ifndef::env-github[:icons: font]\nifdef::env-github[]\n:status:\n:tip-caption: :bulb:\n:note-caption: :information_source:\n:important-caption: :heavy_exclamation_mark:\n:caution-caption: :fire:\n:warning-caption: :warning:\nendif::[]\n\n= WAF Tool\n\nifdef::status[]\nimage:https://img.shields.io/github/workflow/status/vshn/waf-tool/Build/master[Build,link=https://github.com/vshn/waf-tool/actions]\nimage:https://img.shields.io/github/v/release/vshn/waf-tool[Releases,link=https://github.com/vshn/waf-tool/releases]\nimage:https://img.shields.io/github/license/vshn/waf-tool[License,link=https://github.com/vshn/waf-tool/blob/master/LICENSE]\nimage:https://img.shields.io/docker/pulls/vshn/waf-tool[Docker image,link=https://hub.docker.com/r/vshn/waf-tool]\nendif::[]\n\nHelper tool to generate ModSecurity rule exclusions and create merge request to Gitlab repositories.\n\n== Usage\n\nTo generate rule exclusions for all alerts of a request and create a merge request:\n\n. Authenticate to the OpenShift cluster\n+\n[source]\noc login\n\n. Find a request with false positives to tune. For example by using this Kibana link:dashboards/kibana[dashboard].\n\n. Run the `waf-tool` tuning command with a repository, token and the request's unique ID:\n+\n[source]\nwaf-tool tune -k -m -r \u003clocal-path/https-url\u003e -t \u003cgitlab-token\u003e \u003cunique-id\u003e\n\n. Use the generated exclusion rules and adapt them as required in your the merge request.\n\n=== Elasticsearch TLS Connection\n\nElasticsearch runs by default with a TLS certificate signed by a custom CA. You need to get the CA certificate in order to trust it. Either provide it in the `WAF_ES_CUSTOM_CA` env variable or with the `--es-custom-ca` flag.\n\nTo ignore the certificate and don't verify it (possibly insecure), run the `tune` command with the `-k` flag.\n\nSee `waf-tool tune --help` for more information.\n\n=== Gitlab Merge Request\nCurrently the software supports cloned filesystem repository and https URL. Repositories cloned via ssh is not supported yet.\n\n== Development\n\n. Install Go version 1.13\n\n. Run tests:\n+\n[source]\ngo test -cover ./...\n\n\n. Run tool\n+\n[source]\ngo run main.go\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvshn%2Fwaf-tool","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvshn%2Fwaf-tool","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvshn%2Fwaf-tool/lists"}