github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-06-28 16:41:02 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update local_policy.yaml

Browse Source
This commit is contained in:
orianelou 2024-10-01 13:05:23 +03:00 committed by GitHub
parent 7153d222c0
commit b58f7781e6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 12 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
config/linux/v1beta2/prevent/local_policy.yaml
View File

@ -1,4 +1,4 @@
# open-appsec default declarative configuration file # open-appsec Prevent declarative configuration file
# based on schema version: "v1beta2" # based on schema version: "v1beta2"
# more information on declarative configuration: https://docs.openappsec.io # more information on declarative configuration: https://docs.openappsec.io
@ -6,25 +6,16 @@ apiVersion: v1beta2
policies: policies:
default: default:
# start in prevent-learn # start in detect-learn and move to prevent-learn based on learning progress
mode: prevent-learn mode: prevent-learn
threatPreventionPractices: threatPreventionPractices: [default-threat-prevention-practice]
- default-threat-prevention-practice accessControlPractices: [default-access-control-practice]
accessControlPractices:
- default-access-control-practice
customResponses: default-web-user-response customResponses: default-web-user-response
triggers: triggers: [default-log-trigger]
- default-log-trigger sourceIdentifiers: ""
specificRules: trustedSources: ""
- host: www.example.com exceptions: []
# this is an example for specific rule, adjust the values as required for the protected app specificRules: []
mode: detect-learn
threatPreventionPractices:
- default-threat-prevention-practice
accessControlPractices:
- default-access-control-practice
triggers:
- default-log-trigger
threatPreventionPractices: threatPreventionPractices:
- name: default-threat-prevention-practice - name: default-threat-prevention-practice
@ -57,7 +48,7 @@ threatPreventionPractices:
files: [] files: []
# relevant for docker and linux embedded deployments # relevant for docker and linux embedded deployments
# 0 or 1 files supported in array # 0 or 1 files supported in array
openapiSchemaValidation: # schema validation requires "Premium Edition" schemaValidation: # schema validation requires "Premium Edition"
overrideMode: inherited overrideMode: inherited
configmap: [] configmap: []
# relevant for deployments on kubernetes # relevant for deployments on kubernetes
@ -91,7 +82,7 @@ logTriggers:
urlPath: true urlPath: true
urlQuery: true urlQuery: true
httpHeaders: false httpHeaders: false
requestBody: false requestBody: false
additionalSuspiciousEventsLogging: additionalSuspiciousEventsLogging:
enabled: true enabled: true
minSeverity: high minSeverity: high
@ -108,3 +99,4 @@ customResponses:
- name: default-web-user-response - name: default-web-user-response
mode: response-code-only mode: response-code-only
httpResponseCode: 403 httpResponseCode: 403