Merge pull request #28 from fastly/WAF-692_fix_score_values

Waf 692 fix score values
fastly · Jun 7, 2018 · bdc7701 · bdc7701
2 parents 8f5f0f7 + c7f3ebf
commit bdc7701
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 16 deletions.
diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -12,10 +12,6 @@ builds:
 # Archive customization
 archive:
   format: tar.gz
-  replacements:
-    amd64: 64-bit
-    darwin: macOS
-    linux: Tux
   files:
     - waflyctl.toml
     - config_examples/waflyctl.fastly_soc_example.toml 

diff --git a/config_examples/waflyctl.fastly_soc_example.toml b/config_examples/waflyctl.fastly_soc_example.toml
@@ -9,32 +9,35 @@ rules = []
 disabledrules = []
 
 [owasp]
+# OWASP generic settings
+ParanoiaLevel = 3
 AllowedHTTPVersions = "HTTP/1.0 HTTP/1.1 HTTP/2"
 AllowedMethods = "GET HEAD POST OPTIONS PUT PATCH DELETE"
 AllowedRequestContentType = "application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf|application/json|text/plain"
 ArgLength = 800
 ArgNameLength = 800
 CombinedFileSizes = 10000000
-CriticalAnomalyScore = 6
 CRSValidateUTF8Encoding = false
-ErrorAnomalyScore = 5
-HTTPViolationScoreThreshold = 6
-InboundAnomalyScoreThreshold = 12
-LFIScoreThreshold = 6
 MaxFileSize = 10000000
 MaxNumArgs = 255
-NoticeAnomalyScore = 4
-ParanoiaLevel = 3
-PHPInjectionScoreThreshold = 6
-RCEScoreThreshold = 6
+TotalArgLength = 6400
 RestrictedExtensions = ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx"
 RestrictedHeaders = "/proxy/ /lock-token/ /content-range/ /translate/ /if/"
+
+# OWASP score settings
+InboundAnomalyScoreThreshold = 12
+CriticalAnomalyScore = 6
+ErrorAnomalyScore = 5
+WarningAnomalyScore = 4
+NoticeAnomalyScore = 3
+PHPInjectionScoreThreshold = 6
+RCEScoreThreshold = 6
+HTTPViolationScoreThreshold = 6
+LFIScoreThreshold = 6
 RFIScoreThreshold = 6
 SessionFixationScoreThreshold = 6
 SQLInjectionScoreThreshold = 6
 XSSScoreThreshold = 6
-TotalArgLength = 6400
-WarningAnomalyScore = 3
 
 [weblog]
 name = "soc-weblogs"

diff --git a/waflyctl.go b/waflyctl.go
@@ -1248,7 +1248,7 @@ func main() {
 
 	// grab version and build
 
-	fmt.Println("Fastly WAF Control Tool version: " + version + "built on " + date + " by #team-soc")
+	fmt.Println("Fastly WAF Control Tool version: " + version + " built on " + date + " by #team-soc")
 
 	//run init to get our logging configured
 	var config TOMLConfig