-
Notifications
You must be signed in to change notification settings - Fork 49
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Custom Rule with Country Code #92
Comments
Hi @cm91, The Country Code custom rule is included in the community editions. It resolves the country based on the source IP address, and ISO-3166 Alpha-2 codes are recommended for country-based exceptions. You can find the codes here. Kindly confirm your correct configuration of the country code. Additionally, could you share a screenshot of the expectation you've set up (you can redact the country code)? Thanks! |
i also mentioned some log entries: ==> cp-nano-http-transaction-handler.dbg2 <== |
Hi @cm91, As long as the country code is correct everything seems good. Could you please send your tenant ID to info@openappsec.io, we'll look into this. Thank you! |
Thanks, i've sent the mail a few hours ago, feel free to check and let me know if you need further information. Currently my setup is pretty basic, both docker containers are started as mentioned in the documentation. |
Hello. My story: As far as I understood there is some limitation on the geo filtering mentioned in the limitations here https://docs.openappsec.io/release-notes
So I've created separate exception CRD and mentioned two exceptions in the policy CRD via the array under the exceptions key. But it didn't work too. Kindly asking for help! Thank you in advance. |
Hi @5hin0bi, We are looking into this, could you please share the CRDs you've created (both exception & policy), if you prefer you can send it to info@openappsec.io. Also, does setting the country-code based exception CRDs only work correctly? Thank you! |
Exception:
|
Thank you! We are looking into this and hope to update you soon. |
Thank you for your quick responses! I must say that the open-appsec is one of the best things happened to my cluster lately, please keep up the good work! Eagerly looking forward to the fix! |
Hi, my containers got updated during the night and today i've noticed, that the geolocation for my ip was resolved and blocked due to: Practice Type: I'll keep monitoring for some more days, but for now it looks like you've been able to fix it! Thanks, |
Hi, Issue was fixed as part of our latest release |
Hi,
i've tried to create a custom rule to block access from several countries.
Unfortunatle this is not working. I also cannot see any country related information in the events.
I'm using the docker agent + the nginx attachment image and blocking of different threats is working as expected.
Is Premium or Enterprise Edition needed to make this work?
Thanks in advance.
The text was updated successfully, but these errors were encountered: