Navigation :
Getting Started
What is Gloo Edge?
Setup
Guides
Operations
Reference
-
Open Source Attribution
-
API Reference
-- address.proto
-- address.proto
-- advanced_http.proto
-- advanced_http.proto
-- als.proto
-- annotations.proto
-- any.proto
-- api.proto
-- apple_dns_resolver.proto
-- artifact.proto
-- aws.proto
-- aws_ec2.proto
-- azure.proto
-- backoff.proto
-- base.proto
-- base.proto
-- buffer.proto
-- cares_dns_resolver.proto
-- circuit_breaker.proto
-- cluster.proto
-- config.proto
-- connection.proto
-- consul.proto
-- core.proto
-- cors.proto
-- csrf.proto
-- custom_tag.proto
-- datadog.proto
-- deprecation.proto
-- descriptor.proto
-- discovery.proto
-- dlp.proto
-- duration.proto
-- dynamic_forward_proxy.proto
-- empty.proto
-- endpoint.proto
-- envoy.glooe.solo.io.project
-- event_service_config.proto
-- ext.proto
-- extauth.proto
-- extension.proto
-- extensions.proto
-- external_options.proto
-- failover.proto
-- failover.proto
-- fault.proto
-- field_mask.proto
-- filter.proto
-- gateway.proto
-- gateway.solo.io.project
-- gloo.solo.io.project
-- gloo_validation.proto
-- glooe.solo.io.project
-- graphql.proto
-- graphql.proto
-- grpc.proto
-- grpc_json.proto
-- grpc_service.proto
-- grpc_web.proto
-- gzip.proto
-- hcm.proto
-- headers.proto
-- health_check.proto
-- health_check.proto
-- healthcheck.proto
-- http.proto
-- http.proto
-- http_gateway.proto
-- http_path.proto
-- http_uri.proto
-- http_uri.proto
-- ingress.proto
-- instance.proto
-- jwt.proto
-- kubernetes.proto
-- lbhash.proto
-- load_balancer.proto
-- matchable_http_gateway.proto
-- matchers.proto
-- metadata.proto
-- metadata.proto
-- metrics.proto
-- migrate.proto
-- options.proto
-- outlier_detection.proto
-- parameters.proto
-- percent.proto
-- percent.proto
-- pipe.proto
-- placement.proto
-- protocol_upgrade.proto
-- proxy.proto
-- proxy_protocol.proto
-- proxy_protocol.proto
-- proxylatency.proto
-- proxyprotocol.proto
-- range.proto
-- range.proto
-- ratelimit.proto
-- ratelimit.proto
-- ratelimit.proto
-- rbac.proto
-- ref.proto
-- regex.proto
-- resolver.proto
-- rest.proto
-- retries.proto
-- route.proto
-- route_components.proto
-- route_table.proto
-- sanitize.proto
-- secret.proto
-- selectors.proto
-- semantic_version.proto
-- semantic_version.proto
-- sensitive.proto
-- service.proto
-- service_spec.proto
-- settings.proto
-- shadowing.proto
-- snap.proto
-- socket_option.proto
-- socket_option.proto
-- solo-discovery-service.proto
-- solo-kit.proto
-- solo_jwt_authn.proto
-- solo_xff_offset_filter.proto
-- source_context.proto
-- ssl.proto
-- static.proto
-- stats.proto
-- status.proto
-- status.proto
-- status.proto
-- stitching.proto
-- stitching_info.proto
-- string.proto
-- struct.proto
-- subset.proto
-- subset_spec.proto
-- tcp.proto
-- timestamp.proto
-- trace.proto
-- tracing.proto
-- transformation.proto
-- transformation.proto
-- transformation.proto
-- type.proto
-- upstream.proto
-- version.proto
-- versioning.proto
-- virtual_service.proto
-- waf.proto
-- waf.proto
-- wasm.proto
-- wasm.proto
-- wasm.proto
-- wrappers.proto
-- xslt_transformer.proto
-- zipkin.proto
-
Command Line Reference
-
Changelog
-
Helm Chart Values
-
Security Updates
- Gloo Edge Port Reference
- Release Support
-
Cheatsheets
Contributing
waf.proto
Package: waf.options.gloo.solo.io
Types:
Settings
"disabled": bool
"customInterventionMessage": string
"coreRuleSet": .waf.options.gloo.solo.io.CoreRuleSet
"ruleSets": [] envoy.config.filter.http.modsecurity.v2.RuleSet
"auditLogging": .envoy.config.filter.http.modsecurity.v2.AuditLogging
"requestHeadersOnly": bool
"responseHeadersOnly": bool
Field
Type
Description
disabled
bool
Disable waf on this resource (if omitted defaults to false). If a route/virtual host is configured with WAF, you must explicitly disable its WAF, i.e., it will not inherit the disabled status of its parent.
customInterventionMessage
string
Custom massage to display if an intervention occurs.
coreRuleSet
.waf.options.gloo.solo.io.CoreRuleSet
Add OWASP core rule set if nil will not be added.
ruleSets
[]envoy.config.filter.http.modsecurity.v2.RuleSet
Custom rule sets rules to add.
auditLogging
.envoy.config.filter.http.modsecurity.v2.AuditLogging
Audit Log settings.
requestHeadersOnly
bool
Only process request headers, not buffering the request body.
responseHeadersOnly
bool
Only process response headers, not buffering the response body.
CoreRuleSet
"customSettingsString": string
"customSettingsFile": string
Field
Type
Description
customSettingsString
string
String representing the core rule set custom config options. Only one of customSettingsString
or customSettingsFile
can be set.
customSettingsFile
string
String representing the core rule set custom config options. Only one of customSettingsFile
or customSettingsString
can be set.