Detection modules
Modules run in phases as a request is read, and each contributes to one cumulative anomaly score. No module blocks on its own unless its score is worth it.
How inspection works
Detection is phased — connection → headers → body — and cooperative: every matched rule adds points by severity to the request's score, and the request is denied when the score crosses block_threshold. Verdicts are allow (forwarded), block (403), or reject (400 / 429 on a structural violation). See scoring configuration.
The catalogue
| Module | Catches |
|---|---|
sqli | SQL injection |
xss | Cross-site scripting |
rce | Remote command / OS-command injection |
path_traversal | Directory traversal (../ and encodings) |
lfi_rfi | Local & remote file inclusion |
ssrf | Server-side request forgery, incl. cloud-metadata |
ldap | LDAP injection |
nosql | NoSQL / query-operator injection |
ssti | Server-side template injection |
ssi | Server-side includes injection |
xxe | XML external entity |
mail | Mail-header injection |
scanner | Scanner / tool fingerprint (User-Agent) |
header_injection | CRLF / response-splitting |
request_smuggling | HTTP request smuggling (CL/TE) |
Each is enabled under its own [modules.<name>] table (all on by default in the sample config).
Anti-evasion normalization
Before a rule ever runs, input is folded into a canonical form so encoded attacks can't slip past: double-encoding-aware percent-decoding, Unicode NFKC, and a pipeline-wide overlong-collapse. A derived decode-then-match-then-discard channel also covers base64, HTML entities, tag/control stripping and VBScript concatenation, across multipart, JSON leaves and cookies.
Structural protocol validation
GraphQL and gRPC operations are validated on their shape — query depth, alias / field / directive counts, batch size, message size and nesting — not just their content. These are structural caps (a reject, not a score), opt-in per endpoint. Injection inside a field flows through the same normalization and scoring as any other input.
Importing CRS / ModSecurity rules
The core ships a seclang parser and subset evaluator, so you can load OWASP CRS or your own SecRule files as a module via [modules.crs]. A boot-time report lists any rules skipped as outside the supported subset.
Extending with WASM
A Proxy-Wasm runtime (on wasmi) loads a .wasm filter as a module, with fuel and memory caps and a fail-closed posture. The runtime is open; signature verification and a plugin marketplace are enterprise features.