- Create docs/ directory with VitePress configuration
- Add documentation for all web servers (Nginx, Apache, Traefik, HAProxy)
- Add bad bot detection and API reference documentation
- Add GitHub Actions workflow for automatic deployment to GitHub Pages
- Configure VitePress with sidebar, navigation, and search
API Reference
This page documents the Python scripts that power the Patterns project.
Core Scripts
owasp2json.py
Fetches and parses OWASP Core Rule Set patterns from GitHub.
python owasp2json.py
Output: owasp_rules.json
Configuration:
- Uses environment variable OWASP_REPO to specify source repository
- Default: coreruleset/coreruleset
Features:
- Fetches latest CRS rules from GitHub
- Parses .conf files for regex patterns
- Extracts rule metadata (ID, severity, category)
- Outputs structured JSON for conversion scripts
json2nginx.py
Converts OWASP JSON rules to Nginx WAF configuration.
python json2nginx.py
Input: owasp_rules.json
Output: waf_patterns/nginx/
Generated Files:
| File | Purpose |
|---|---|
| waf_maps.conf | Map directives (http block) |
| waf_rules.conf | If statements (server block) |
| README.md | Integration instructions |
Environment Variables:
- INPUT_FILE - Path to OWASP JSON (default: owasp_rules.json)
- OUTPUT_DIR - Output directory (default: waf_patterns/nginx)
json2apache.py
Converts OWASP JSON rules to Apache ModSecurity format.
python json2apache.py
Input: owasp_rules.json
Output: waf_patterns/apache/
Generated Files:
- Category-specific .conf files (sqli.conf, xss.conf, etc.)
- Each file contains ModSecurity SecRule directives
json2traefik.py
Converts OWASP JSON rules to Traefik middleware configuration.
python json2traefik.py
Input: owasp_rules.json
Output: waf_patterns/traefik/
Generated Files:
- middleware.toml - Traefik middleware configuration
- README.md - Integration instructions
json2haproxy.py
Converts OWASP JSON rules to HAProxy ACL format.
python json2haproxy.py
Input: owasp_rules.json
Output: waf_patterns/haproxy/
Generated Files:
- waf.acl - Main WAF ACL rules
- README.md - Integration instructions
badbots.py
Generates bad bot blocking configurations from public bot lists.
python badbots.py
Output: Bot configurations in each waf_patterns/*/ directory
Features:
- Fetches from multiple public bot lists
- Includes fallback sources for reliability
- Generates platform-specific configs
Import Scripts
These scripts help import existing WAF configurations.
import_nginx_waf.py
Import Nginx WAF patterns from external sources.
python import_nginx_waf.py --source /path/to/external/rules
import_apache_waf.py
Import Apache ModSecurity rules.
python import_apache_waf.py --source /path/to/modsec/rules
import_traefik_waf.py
Import Traefik middleware configurations.
python import_traefik_waf.py --source /path/to/traefik/config
import_haproxy_waf.py
Import HAProxy ACL rules.
python import_haproxy_waf.py --source /path/to/haproxy/acl
Data Structures
owasp_rules.json Format
[
  {
    "id": "942100",
    "pattern": "(?i:union.*select)",
    "category": "sqli",
    "severity": "critical",
    "location": "request-uri",
    "description": "SQL Injection Attack Detected"
  }
]
Fields:
| Field | Type | Description |
|---|---|---|
| id | string | OWASP CRS rule ID |
| pattern | string | Regex pattern |
| category | string | Attack category (sqli, xss, rce, etc.) |
| severity | string | critical, high, medium, low |
| location | string | Where to match (request-uri, headers, etc.) |
| description | string | Human-readable description |
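A validator for the owasp_rules.json format above, useful as a gate before the file is handed to the json2*.py converters. This is an added example, not one of the project's scripts: the function name validate_rules and every sample rule other than 942100 are constructed, and Python's re engine stands in for the target server's regex engine, so a pattern that compiles here may still be rejected there.

```python
import json
import re

REQUIRED_FIELDS = ("id", "pattern", "category", "severity", "location", "description")
SEVERITIES = {"critical", "high", "medium", "low"}  # values listed in the Fields table


def validate_rules(rules):
    """Return a list of (index, rule_id, problem) tuples; an empty list means clean."""
    problems = []
    seen_ids = set()
    if not isinstance(rules, list):
        return [(None, None, "top-level value must be a JSON array")]
    for index, rule in enumerate(rules):
        if not isinstance(rule, dict):
            problems.append((index, None, "rule is not a JSON object"))
            continue
        rule_id = rule.get("id")
        for field in REQUIRED_FIELDS:
            if field not in rule:
                problems.append((index, rule_id, f"missing field: {field}"))
            elif not isinstance(rule[field], str):
                problems.append((index, rule_id, f"field is not a string: {field}"))
        if isinstance(rule.get("severity"), str) and rule["severity"] not in SEVERITIES:
            problems.append((index, rule_id, f"unknown severity: {rule['severity']}"))
        if isinstance(rule_id, str):
            if rule_id in seen_ids:
                problems.append((index, rule_id, "duplicate id"))
            seen_ids.add(rule_id)
        if isinstance(rule.get("pattern"), str):
            try:
                re.compile(rule["pattern"])  # assumption: Python re approximates the target engine
            except re.error as exc:
                problems.append((index, rule_id, f"pattern does not compile: {exc}"))
    return problems


# Constructed sample: the first rule is the one shown on this page, the others are deliberately broken.
SAMPLE = json.loads("""[
  {"id": "942100", "pattern": "(?i:union.*select)", "category": "sqli",
   "severity": "critical", "location": "request-uri",
   "description": "SQL Injection Attack Detected"},
  {"id": "942100", "pattern": "(?i:select", "category": "sqli",
   "severity": "urgent", "location": "request-uri", "description": "constructed"},
  {"id": "900001", "pattern": "a+", "category": "xss", "severity": "low"}
]""")

if __name__ == "__main__":
    for index, rule_id, problem in validate_rules(SAMPLE):
        print(f"rule[{index}] id={rule_id}: {problem}")
```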
Extending the Project
Adding a New Platform
- Create json2<platform>.py based on existing converters
- Add output directory in waf_patterns/<platform>/
- Update GitHub Actions workflow
- Add documentation in docs/
Custom Pattern Sources
Modify owasp2json.py to add new pattern sources:
SOURCES = [
    "coreruleset/coreruleset",
    "your-org/your-rules",
]
Dependencies
Listed in requirements.txt:
requests>=2.28.0
beautifulsoup4>=4.11.0
Install with:
pip install -r requirements.txt