patterns/owasp2apache.py

import json
import os
from collections import defaultdict
import logging
from pathlib import Path

# Configure logging
logging.basicConfig(
    level=logging.INFO,
    format="%(asctime)s - %(levelname)s - %(message)s",
    handlers=[logging.StreamHandler()],
)

# Paths
INPUT_FILE = Path("owasp_rules.json")  # Input JSON file
OUTPUT_DIR = Path("waf_patterns/apache")  # Output directory for Apache configs

# Ensure output directory exists
OUTPUT_DIR.mkdir(parents=True, exist_ok=True)

# ModSecurity rule template
MODSEC_RULE_TEMPLATE = (
    'SecRule REQUEST_URI "{pattern}" "id:{rule_id},phase:1,deny,status:403,log,msg:\'{category} attack detected\'"\n'
)


def load_owasp_rules(file_path):
    """
    Load OWASP rules from a JSON file.
    """
    try:
        with open(file_path, "r") as f:
            return json.load(f)
    except FileNotFoundError:
        logging.error(f"[!] Input file not found: {file_path}")
        raise
    except json.JSONDecodeError:
        logging.error(f"[!] Invalid JSON in file: {file_path}")
        raise
    except Exception as e:
        logging.error(f"[!] Error loading OWASP rules: {e}")
        raise


def generate_apache_waf(rules):
    """
    Generate Apache ModSecurity configuration files from OWASP rules.
    """
    categorized_rules = defaultdict(list)
    rule_id_counter = 1000  # Starting rule ID

    # Group rules by category
    for rule in rules:
        try:
            category = rule.get("category", "generic").lower()
            pattern = rule["pattern"]
            categorized_rules[category].append((pattern, rule_id_counter))
            rule_id_counter += 1  # Increment rule ID to avoid collisions
        except KeyError as e:
            logging.warning(f"[!] Skipping invalid rule (missing key: {e}): {rule}")
            continue

    # Convert to Apache conf files
    for category, patterns in categorized_rules.items():
        output_file = OUTPUT_DIR / f"{category}.conf"

        try:
            with open(output_file, "w") as f:
                f.write(f"# Apache ModSecurity rules for {category.upper()}\n")
                f.write("SecRuleEngine On\n\n")

                # Write rules as ModSecurity SecRules
                for pattern, rule_id in patterns:
                    rule = MODSEC_RULE_TEMPLATE.format(
                        pattern=pattern, rule_id=rule_id, category=category
                    )
                    f.write(rule)

            logging.info(f"[+] Generated {output_file} ({len(patterns)} patterns)")
        except IOError as e:
            logging.error(f"[!] Failed to write to {output_file}: {e}")
            raise


def main():
    """
    Main function to execute the script.
    """
    try:
        logging.info("[*] Loading OWASP rules...")
        owasp_rules = load_owasp_rules(INPUT_FILE)

        logging.info(f"[*] Generating Apache WAF configs from {len(owasp_rules)} rules...")
        generate_apache_waf(owasp_rules)

        logging.info("[✔] Apache ModSecurity configurations generated successfully.")
    except Exception as e:
        logging.critical(f"[!] Script failed: {e}")
        exit(1)


if __name__ == "__main__":
    main()
Create owasp2apache.py 2024-12-21 01:33:47 +01:00			`import json`
			`import os`
			`from collections import defaultdict`
Update owasp2apache.py - Error Handling: Added error handling for file operations, JSON parsing, and invalid rule structures. Logs warnings for invalid rules instead of crashing. - Unique Rule IDs: Each rule is assigned a unique id to avoid collisions in ModSecurity. - Path Handling: Used pathlib.Path for better path manipulation and readability. - Logging: Replaced print() with Python's logging module for more flexible and structured logging. - Input Validation: Added checks for missing keys in the input JSON file. - Template for Rules: Used a template string (MODSEC_RULE_TEMPLATE) for consistent rule formatting. - Output Directory Permissions: Ensured the output directory is created with parents=True to handle nested directories. 2025-01-03 13:09:05 +01:00			`import logging`
			`from pathlib import Path`

			`# Configure logging`
			`logging.basicConfig(`
			`level=logging.INFO,`
			`format="%(asctime)s - %(levelname)s - %(message)s",`
			`handlers=[logging.StreamHandler()],`
			`)`
Create owasp2apache.py 2024-12-21 01:33:47 +01:00
			`# Paths`
Update owasp2apache.py - Error Handling: Added error handling for file operations, JSON parsing, and invalid rule structures. Logs warnings for invalid rules instead of crashing. - Unique Rule IDs: Each rule is assigned a unique id to avoid collisions in ModSecurity. - Path Handling: Used pathlib.Path for better path manipulation and readability. - Logging: Replaced print() with Python's logging module for more flexible and structured logging. - Input Validation: Added checks for missing keys in the input JSON file. - Template for Rules: Used a template string (MODSEC_RULE_TEMPLATE) for consistent rule formatting. - Output Directory Permissions: Ensured the output directory is created with parents=True to handle nested directories. 2025-01-03 13:09:05 +01:00			`INPUT_FILE = Path("owasp_rules.json") # Input JSON file`
			`OUTPUT_DIR = Path("waf_patterns/apache") # Output directory for Apache configs`
Create owasp2apache.py 2024-12-21 01:33:47 +01:00
			`# Ensure output directory exists`
Update owasp2apache.py - Error Handling: Added error handling for file operations, JSON parsing, and invalid rule structures. Logs warnings for invalid rules instead of crashing. - Unique Rule IDs: Each rule is assigned a unique id to avoid collisions in ModSecurity. - Path Handling: Used pathlib.Path for better path manipulation and readability. - Logging: Replaced print() with Python's logging module for more flexible and structured logging. - Input Validation: Added checks for missing keys in the input JSON file. - Template for Rules: Used a template string (MODSEC_RULE_TEMPLATE) for consistent rule formatting. - Output Directory Permissions: Ensured the output directory is created with parents=True to handle nested directories. 2025-01-03 13:09:05 +01:00			`OUTPUT_DIR.mkdir(parents=True, exist_ok=True)`

			`# ModSecurity rule template`
			`MODSEC_RULE_TEMPLATE = (`
			`'SecRule REQUEST_URI "{pattern}" "id:{rule_id},phase:1,deny,status:403,log,msg:\'{category} attack detected\'"\n'`
			`)`

Create owasp2apache.py 2024-12-21 01:33:47 +01:00
			`def load_owasp_rules(file_path):`
Update owasp2apache.py - Error Handling: Added error handling for file operations, JSON parsing, and invalid rule structures. Logs warnings for invalid rules instead of crashing. - Unique Rule IDs: Each rule is assigned a unique id to avoid collisions in ModSecurity. - Path Handling: Used pathlib.Path for better path manipulation and readability. - Logging: Replaced print() with Python's logging module for more flexible and structured logging. - Input Validation: Added checks for missing keys in the input JSON file. - Template for Rules: Used a template string (MODSEC_RULE_TEMPLATE) for consistent rule formatting. - Output Directory Permissions: Ensured the output directory is created with parents=True to handle nested directories. 2025-01-03 13:09:05 +01:00			`"""`
			`Load OWASP rules from a JSON file.`
			`"""`
			`try:`
			`with open(file_path, "r") as f:`
			`return json.load(f)`
			`except FileNotFoundError:`
			`logging.error(f"[!] Input file not found: {file_path}")`
			`raise`
			`except json.JSONDecodeError:`
			`logging.error(f"[!] Invalid JSON in file: {file_path}")`
			`raise`
			`except Exception as e:`
			`logging.error(f"[!] Error loading OWASP rules: {e}")`
			`raise`

Create owasp2apache.py 2024-12-21 01:33:47 +01:00
			`def generate_apache_waf(rules):`
Update owasp2apache.py - Error Handling: Added error handling for file operations, JSON parsing, and invalid rule structures. Logs warnings for invalid rules instead of crashing. - Unique Rule IDs: Each rule is assigned a unique id to avoid collisions in ModSecurity. - Path Handling: Used pathlib.Path for better path manipulation and readability. - Logging: Replaced print() with Python's logging module for more flexible and structured logging. - Input Validation: Added checks for missing keys in the input JSON file. - Template for Rules: Used a template string (MODSEC_RULE_TEMPLATE) for consistent rule formatting. - Output Directory Permissions: Ensured the output directory is created with parents=True to handle nested directories. 2025-01-03 13:09:05 +01:00			`"""`
			`Generate Apache ModSecurity configuration files from OWASP rules.`
			`"""`
Create owasp2apache.py 2024-12-21 01:33:47 +01:00			`categorized_rules = defaultdict(list)`
Update owasp2apache.py - Error Handling: Added error handling for file operations, JSON parsing, and invalid rule structures. Logs warnings for invalid rules instead of crashing. - Unique Rule IDs: Each rule is assigned a unique id to avoid collisions in ModSecurity. - Path Handling: Used pathlib.Path for better path manipulation and readability. - Logging: Replaced print() with Python's logging module for more flexible and structured logging. - Input Validation: Added checks for missing keys in the input JSON file. - Template for Rules: Used a template string (MODSEC_RULE_TEMPLATE) for consistent rule formatting. - Output Directory Permissions: Ensured the output directory is created with parents=True to handle nested directories. 2025-01-03 13:09:05 +01:00			`rule_id_counter = 1000 # Starting rule ID`

Create owasp2apache.py 2024-12-21 01:33:47 +01:00			`# Group rules by category`
			`for rule in rules:`
Update owasp2apache.py - Error Handling: Added error handling for file operations, JSON parsing, and invalid rule structures. Logs warnings for invalid rules instead of crashing. - Unique Rule IDs: Each rule is assigned a unique id to avoid collisions in ModSecurity. - Path Handling: Used pathlib.Path for better path manipulation and readability. - Logging: Replaced print() with Python's logging module for more flexible and structured logging. - Input Validation: Added checks for missing keys in the input JSON file. - Template for Rules: Used a template string (MODSEC_RULE_TEMPLATE) for consistent rule formatting. - Output Directory Permissions: Ensured the output directory is created with parents=True to handle nested directories. 2025-01-03 13:09:05 +01:00			`try:`
			`category = rule.get("category", "generic").lower()`
			`pattern = rule["pattern"]`
			`categorized_rules[category].append((pattern, rule_id_counter))`
			`rule_id_counter += 1 # Increment rule ID to avoid collisions`
			`except KeyError as e:`
			`logging.warning(f"[!] Skipping invalid rule (missing key: {e}): {rule}")`
			`continue`
Create owasp2apache.py 2024-12-21 01:33:47 +01:00
			`# Convert to Apache conf files`
			`for category, patterns in categorized_rules.items():`
Update owasp2apache.py - Error Handling: Added error handling for file operations, JSON parsing, and invalid rule structures. Logs warnings for invalid rules instead of crashing. - Unique Rule IDs: Each rule is assigned a unique id to avoid collisions in ModSecurity. - Path Handling: Used pathlib.Path for better path manipulation and readability. - Logging: Replaced print() with Python's logging module for more flexible and structured logging. - Input Validation: Added checks for missing keys in the input JSON file. - Template for Rules: Used a template string (MODSEC_RULE_TEMPLATE) for consistent rule formatting. - Output Directory Permissions: Ensured the output directory is created with parents=True to handle nested directories. 2025-01-03 13:09:05 +01:00			`output_file = OUTPUT_DIR / f"{category}.conf"`
Create owasp2apache.py 2024-12-21 01:33:47 +01:00
Update owasp2apache.py - Error Handling: Added error handling for file operations, JSON parsing, and invalid rule structures. Logs warnings for invalid rules instead of crashing. - Unique Rule IDs: Each rule is assigned a unique id to avoid collisions in ModSecurity. - Path Handling: Used pathlib.Path for better path manipulation and readability. - Logging: Replaced print() with Python's logging module for more flexible and structured logging. - Input Validation: Added checks for missing keys in the input JSON file. - Template for Rules: Used a template string (MODSEC_RULE_TEMPLATE) for consistent rule formatting. - Output Directory Permissions: Ensured the output directory is created with parents=True to handle nested directories. 2025-01-03 13:09:05 +01:00			`try:`
			`with open(output_file, "w") as f:`
			`f.write(f"# Apache ModSecurity rules for {category.upper()}\n")`
			`f.write("SecRuleEngine On\n\n")`

			`# Write rules as ModSecurity SecRules`
			`for pattern, rule_id in patterns:`
			`rule = MODSEC_RULE_TEMPLATE.format(`
			`pattern=pattern, rule_id=rule_id, category=category`
			`)`
			`f.write(rule)`
Create owasp2apache.py 2024-12-21 01:33:47 +01:00
Update owasp2apache.py - Error Handling: Added error handling for file operations, JSON parsing, and invalid rule structures. Logs warnings for invalid rules instead of crashing. - Unique Rule IDs: Each rule is assigned a unique id to avoid collisions in ModSecurity. - Path Handling: Used pathlib.Path for better path manipulation and readability. - Logging: Replaced print() with Python's logging module for more flexible and structured logging. - Input Validation: Added checks for missing keys in the input JSON file. - Template for Rules: Used a template string (MODSEC_RULE_TEMPLATE) for consistent rule formatting. - Output Directory Permissions: Ensured the output directory is created with parents=True to handle nested directories. 2025-01-03 13:09:05 +01:00			`logging.info(f"[+] Generated {output_file} ({len(patterns)} patterns)")`
			`except IOError as e:`
			`logging.error(f"[!] Failed to write to {output_file}: {e}")`
			`raise`


			`def main():`
			`"""`
			`Main function to execute the script.`
			`"""`
			`try:`
			`logging.info("[*] Loading OWASP rules...")`
			`owasp_rules = load_owasp_rules(INPUT_FILE)`

			`logging.info(f"[*] Generating Apache WAF configs from {len(owasp_rules)} rules...")`
			`generate_apache_waf(owasp_rules)`

			`logging.info("[✔] Apache ModSecurity configurations generated successfully.")`
			`except Exception as e:`
			`logging.critical(f"[!] Script failed: {e}")`
			`exit(1)`


			`if __name__ == "__main__":`
			`main()`