mirror of
https://github.com/openappsec/openappsec.git
synced 2025-06-28 16:41:02 +03:00
86 lines
2.0 KiB
YAML
86 lines
2.0 KiB
YAML
policies:
|
|
default:
|
|
triggers:
|
|
- appsec-default-log-trigger
|
|
mode: detect-learn
|
|
practices:
|
|
- webapp-default-practice
|
|
source-identifiers:
|
|
trusted-sources:
|
|
custom-response: appsec-default-web-user-response
|
|
exceptions:
|
|
specific-rules:
|
|
- host: "*"
|
|
triggers:
|
|
- appsec-default-log-trigger
|
|
mode: detect-learn
|
|
practices:
|
|
- webapp-default-practice
|
|
source-identifiers:
|
|
trusted-sources:
|
|
custom-response: appsec-default-web-user-response
|
|
exceptions:
|
|
|
|
practices:
|
|
- name: webapp-default-practice
|
|
openapi-schema-validation:
|
|
configmap: []
|
|
override-mode: detect-learn
|
|
snort-signatures:
|
|
configmap: []
|
|
override-mode: detect-learn
|
|
web-attacks:
|
|
max-body-size-kb: 1000000
|
|
max-header-size-bytes: 102400
|
|
max-object-depth: 40
|
|
max-url-size-bytes: 32768
|
|
minimum-confidence: critical
|
|
override-mode: detect-learn
|
|
protections:
|
|
csrf-protection: detect-learn
|
|
error-disclosure: detect-learn
|
|
non-valid-http-methods: true
|
|
open-redirect: detect-learn
|
|
anti-bot:
|
|
injected-URIs: []
|
|
validated-URIs: []
|
|
override-mode: detect-learn
|
|
|
|
logtriggers:
|
|
- name: appsec-default-log-trigger
|
|
access-control-logging:
|
|
allow-events: false
|
|
drop-events: true
|
|
additional-suspicious-events-logging:
|
|
enabled: true
|
|
minimum-severity: high
|
|
response-body: false
|
|
appsec-logging:
|
|
all-web-requests: false
|
|
detect-events: true
|
|
prevent-events: true
|
|
extended-logging:
|
|
http-headers: false
|
|
request-body: false
|
|
url-path: false
|
|
url-query: false
|
|
log-destination:
|
|
cloud: false
|
|
file:
|
|
stdout:
|
|
format: json-formatted
|
|
syslog-service:
|
|
cef-service:
|
|
|
|
customresponses:
|
|
- name: appsec-default-web-user-response
|
|
mode: response-code-only
|
|
http-response-code: 403
|
|
message-title: This is the best title ever
|
|
message-body: Look at this body
|
|
|
|
exceptions:
|
|
trustedsources:
|
|
sourceidentifiers:
|
|
|