Navigation :
Getting Started
What is Gloo Edge?
Setup
Guides
Operations
Reference
-
Open Source Attribution
-
API Reference
-- address.proto
-- address.proto
-- advanced_http.proto
-- advanced_http.proto
-- als.proto
-- annotations.proto
-- any.proto
-- api.proto
-- apple_dns_resolver.proto
-- artifact.proto
-- aws.proto
-- aws_ec2.proto
-- azure.proto
-- backoff.proto
-- base.proto
-- base.proto
-- buffer.proto
-- caching.proto
-- cares_dns_resolver.proto
-- circuit_breaker.proto
-- cluster.proto
-- config.proto
-- config.proto
-- connection.proto
-- consul.proto
-- core.proto
-- cors.proto
-- csrf.proto
-- custom_tag.proto
-- datadog.proto
-- deprecation.proto
-- descriptor.proto
-- discovery.proto
-- dlp.proto
-- duration.proto
-- dynamic_forward_proxy.proto
-- empty.proto
-- endpoint.proto
-- envoy.glooe.solo.io.project
-- envoy_glooe_solo_io.project
-- event_service_config.proto
-- ext.proto
-- extauth.proto
-- extension.proto
-- extensions.proto
-- external_options.proto
-- failover.proto
-- failover.proto
-- fault.proto
-- field_mask.proto
-- filter.proto
-- gateway.proto
-- gateway.solo.io.project
-- gateway_solo_io.project
-- gloo.solo.io.project
-- gloo_solo_io.project
-- gloo_validation.proto
-- glooe.solo.io.project
-- glooe_solo_io.project
-- graphql.proto
-- graphql.proto
-- grpc.proto
-- grpc_json.proto
-- grpc_service.proto
-- grpc_web.proto
-- gzip.proto
-- hcm.proto
-- headers.proto
-- health_check.proto
-- health_check.proto
-- healthcheck.proto
-- http.proto
-- http.proto
-- http_gateway.proto
-- http_path.proto
-- http_uri.proto
-- http_uri.proto
-- ingress.proto
-- instance.proto
-- jwt.proto
-- kubernetes.proto
-- lbhash.proto
-- load_balancer.proto
-- matchable_http_gateway.proto
-- matchers.proto
-- metadata.proto
-- metadata.proto
-- metrics.proto
-- migrate.proto
-- options.proto
-- outlier_detection.proto
-- parameters.proto
-- percent.proto
-- percent.proto
-- pipe.proto
-- placement.proto
-- protocol.proto
-- protocol_upgrade.proto
-- proxy.proto
-- proxy_endpoint.proto
-- proxy_protocol.proto
-- proxy_protocol.proto
-- proxylatency.proto
-- proxyprotocol.proto
-- range.proto
-- range.proto
-- ratelimit.proto
-- ratelimit.proto
-- ratelimit.proto
-- rbac.proto
-- ref.proto
-- regex.proto
-- resolver.proto
-- rest.proto
-- retries.proto
-- route.proto
-- route_components.proto
-- route_table.proto
-- sanitize.proto
-- secret.proto
-- selectors.proto
-- semantic_version.proto
-- semantic_version.proto
-- sensitive.proto
-- service.proto
-- service_spec.proto
-- settings.proto
-- shadowing.proto
-- snap.proto
-- socket_option.proto
-- socket_option.proto
-- solo-discovery-service.proto
-- solo-kit.proto
-- solo_jwt_authn.proto
-- solo_xff_offset_filter.proto
-- source_context.proto
-- ssl.proto
-- static.proto
-- stats.proto
-- status.proto
-- status.proto
-- status.proto
-- stitching.proto
-- string.proto
-- struct.proto
-- subset.proto
-- subset_spec.proto
-- tcp.proto
-- timestamp.proto
-- trace.proto
-- tracing.proto
-- transformation.proto
-- transformation.proto
-- transformation.proto
-- type.proto
-- upstream.proto
-- version.proto
-- versioning.proto
-- virtual_service.proto
-- waf.proto
-- waf.proto
-- wasm.proto
-- wasm.proto
-- wasm.proto
-- wrappers.proto
-- xslt_transformer.proto
-- zipkin.proto
-
Command Line Reference
-
Changelog
-
Helm Chart Values
-
Security Updates
- Security Posture
- Gloo Edge Port Reference
- Release Support
-
Cheatsheets
Contributing
waf.proto
Package: waf.options.gloo.solo.io
Types:
Settings
"disabled": bool
"customInterventionMessage": string
"coreRuleSet": .waf.options.gloo.solo.io.CoreRuleSet
"ruleSets": [] envoy.config.filter.http.modsecurity.v2.RuleSet
"auditLogging": .envoy.config.filter.http.modsecurity.v2.AuditLogging
"requestHeadersOnly": bool
"responseHeadersOnly": bool
Field
Type
Description
disabledboolDisable waf on this resource (if omitted defaults to false). If a route/virtual host is configured with WAF, you must explicitly disable its WAF, i.e., it will not inherit the disabled status of its parent.
customInterventionMessagestringCustom massage to display if an intervention occurs.
coreRuleSet.waf.options.gloo.solo.io.CoreRuleSet Add OWASP core rule set if nil will not be added.
ruleSets[]envoy.config.filter.http.modsecurity.v2.RuleSet Custom rule sets rules to add.
auditLogging.envoy.config.filter.http.modsecurity.v2.AuditLogging Audit Log settings.
requestHeadersOnlyboolOnly process request headers, not buffering the request body.
responseHeadersOnlyboolOnly process response headers, not buffering the response body.
CoreRuleSet
"customSettingsString": string
"customSettingsFile": string
Field
Type
Description
customSettingsStringstringString representing the core rule set custom config options. Only one of customSettingsString or customSettingsFile can be set.
customSettingsFilestringString representing the core rule set custom config options. Only one of customSettingsFile or customSettingsString can be set.
