Skip to content

Author: jptosso

All you need is sync.Pool

I have ignored sync.Pool for a long time but it has come to an end. One of Coraza’s greatest memory…

View more

Protect against log4j attacks using Coraza WAF

I’m not going to write a huge post on how to protect against log4j using Coraza but I will show…

View more

Coraza has reached 100% compatibility with OWASP Core Ruleset

I began this project in July 2020, it’s been 17 months of hard work and a lot of redesigns but…

View more

How Coraza got 10% faster in a day

First some context, I was running some benchmarks on Coraza using the OWASP Core Ruleset on Apache-Modsecurity and Coraza-Caddy and…

View more

WordPress with Coraza and Coreruleset

So this site is a standard WordPress running on Apache 2 with a Caddy reverse proxy serving OWASP CRS rules.…

View more

How did I exported a Golang program into an Apache module

Coraza’s high level APIs are based on libmodsecurity, we use the same 5 phases and the same setters for: Connection…

View more

Coraza v2 is coming

Coraza v1 was a successful project but if you read the API you will notice there are a lot of…

View more

OWASP CRS retreat

A few weeks ago I was invited as a guest to the OWASP Core Ruleset retreat in the Swiss Alps.…

View more

Golang “quality frameworks”?

Read more > Golang “quality frameworks”?
View more

URL parsing paradox

Read more > URL parsing paradox
View more