From ab5aa5155f8ecb19de372a63898316101c33399f Mon Sep 17 00:00:00 2001 From: wiaamm Date: Sun, 7 Dec 2025 13:08:14 +0200 Subject: [PATCH] remove internal traffic check --- .../open-appsec-waf-kong-plugin/handler.lua | 20 ------------------- 1 file changed, 20 deletions(-) diff --git a/attachments/kong/plugins/open-appsec-waf-kong-plugin/handler.lua b/attachments/kong/plugins/open-appsec-waf-kong-plugin/handler.lua index 9b013e6..75bcb2b 100755 --- a/attachments/kong/plugins/open-appsec-waf-kong-plugin/handler.lua +++ b/attachments/kong/plugins/open-appsec-waf-kong-plugin/handler.lua @@ -16,26 +16,6 @@ function NanoHandler.init_worker() end function NanoHandler.access(conf) - -- Skip inspection for health checks and internal requests - local path = kong.request.get_path() - local user_agent = kong.request.get_header("User-Agent") or "" - local method = kong.request.get_method() - - -- Bypass health checks, status endpoints, and internal monitoring - if path == "/status" or - path == "/health" or - path:match("^/metrics") or - path:match("^/_health") or - path:match("^/kong") or -- Kong admin API paths - user_agent:match("kube%-probe") or - user_agent:match("Prometheus") or - user_agent:match("Go%-http%-client") or -- Common health checker - (method == "GET" and path == "/") then -- Root path health checks - kong.log.debug("Bypassing inspection for internal request: ", method, " ", path, " (UA: ", user_agent, ")") - kong.ctx.plugin.bypass_inspection = true - return - end - local headers = kong.request.get_headers() local session_id = nano.generate_session_id() kong.service.request.set_header("x-session-id", tostring(session_id))