Skip to main content
Version: Next

Application Security Component

This module allows you to enable the Application Security Component as a data source.

A more detailed documentation is available here.

A quickstart tutorial is available for Nginx/OpenResty and Traefik.

Configuration example

To start an Application Security Component on port 7422, listening on 127.0.0.1, using the crowdsecurity/vpatch config:

source: appsec
listen_addr: 127.0.0.1:7422
path: /
appsec_config: crowdsecurity/virtual-patching
labels:
type: appsec

Parameters

listen_addr

The address and port to listen on. Defaults to 127.0.0.1:7442.

path

The path the Application Security Component will respond to. Defaults to /.

appsec_config

The name of the appsec-config to use (as seen in cscli appsec-configs list).

appsec_config_path

The path to the appsec-config to use (as seen in cscli appsec-configs list).

routines

Number of routines to use to process the requests. Defaults to 1.

auth_cache_duration

How long to cache the auth token for. Accepts value supported by time.ParseDuration. Defaults to 1m.

cert_file

Path to the cert file to allow HTTPS communication between the remediation component and the appsec component.

key_file

Path to the key file to allow HTTPS communication between the remediation component and the appsec component.

DSN and command-line

This module does not support acquisition from the command line.