Code development platform for open source projects from the European Union institutions

Skip to content

🔧 Add flag to enable/disable WAF audit log

David Jose DELASSUS requested to merge waf-audit-flag into main

Decision record

The WAF audit log is extremely verbose. When running in production, this can lead to issues (such as producing 30GB of logs in less than 10 minutes). This means an attacker can fill the filesystem simply by sending requests to a mapping and successfully crash the service.

We need to be able to disable the audit log for exposed environments, and keep it for lab environments (so that we can reproduce potential issues).

Changes

  • 🐳 Add new EC_RPS_WAF_AUDITLOG flag
  • 📝 Update documentation
  • 🔖 v0.8.0

-->

Merge request reports

Loading