Will this replace the HAProxy bouncer? #16
Comments
Yes our plan since there is alot of limitation of the lua-based bouncer to use this implementation as the primary integration into HAProxy since we not reliant (so heavily) on the lua code and as you said SPOA is natively supported which means better integration. At the moment, the roadmap doesnt have a confirmed timeline as we are currently rolling out features to CrowdSec itself and this has taken a lot of resources, since we have to ensure backwards compatibility. Once we have released
|
|
Hi @LaurenceJJones, Does CrowdSec take bounties? The ability to use its WAF with HAProxy would be very useful. Coraza SPOA - which seems to be the only full-fledged alternative - is still 'experimental'. Thanks for the information! |
In what regards, as we offer bounties? if so we feel bounties takes away from the spirit of open source and community contributions, we know this is a wanted feature for HAProxy so it is at the top of our todo lists. |
|
If it's already at the top of the todo, then there's no need for a bounty ;). Thanks for the answer. |
During a search for an HAProxy WAF, I came across the HAProxy bouncer. From what I understand:
As far as I can see, the HAProxy bouncer does not support AppSec, effectively not providing a WAF. This hunch is confirmed by:
I did however come across this experimental SPOA repository, which says it provides 'WAF protection'.
Is it safe to assume that this project will replace the Lua-based bouncer (as SPOA is native to HAProxy)? If so, is there a timeline? The roadmap does not mention it.
The text was updated successfully, but these errors were encountered: