cscli collections install crowdsecurity/appsec-crs-inbandThis collection enables BLOCKING OWASP CRS:
The OWASP CRS is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. It aims to protect web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS provides protection against many common attack categories, including SQL Injection, Cross Site Scripting, Local File Inclusion, etc.
Add the crowdsecurity/crs appsec-config to your WAF acquisition:
1appsec_configs:2 - ...3 - crowdsecurity/crs-inband4labels:5 type: appsec6listen_addr: 127.0.0.1:74227source: appsec8