Merge pull request #8 from madebymode/dev

New Defaults:

README.md

@@ -55,7 +55,7 @@ time.
 *NEW*: Caching modsecurity responses helps to minimize the overhead of processing every request and improves
 performance. By generating cache keys based on various factors like the request method, host, request URI, headers, and
 remote address, we can ensure that different requests are treated uniquely, while similar requests can be served from
-the plugins cache. This approach helps in reducing the load on the modsecurity instance and improves response times for
+the plugins modsecurity response cache. This approach helps in reducing the load on the modsecurity instance and improves response times for
 requests. You can tune this to your liking but we recommend the following options:
 
 ## Configuration
@@ -75,11 +75,11 @@ This plugin supports these configuration:
 
 * `cacheKeyIncludeHost`: (optional) Specifies if the host should be included in the cache key. (default true)
 * `cacheKeyIncludeRemoteAddress`: (optional) Speifics if the remote request address should be included in the cache
-  key (default false)
-* `cacheKeyIncludeHeaders`: (optional) Specifies if the headers should be included in the cache key. (default false)
-* `cacheKeyHeaders`: (optional) An array of specific headers to be included in the cache key when CacheKeyIncludeHeaders is true. (ie: ["User-Agent"]) 
+  key (default true)
+* `cacheKeyIncludeHeaders`: (optional) Specifies if the headers should be included in the cache key. (default true)
+* `cacheKeyHeaders`: (optional) An array of specific headers to be included in the cache key when CacheKeyIncludeHeaders is true. (ie: the default ["User-Agent"]) 
 
-note some headers are ALWAYS blacklisted, and even if you list
+**Note**: some headers are ALWAYS blacklisted, and even if you list
 them here, they will still not be cached:
 ```
 Authorization: *, Set-Cookie: *, Cache-Control: no-store, Pragma: no-cache, Expires: -1 (date in the past)

docker-compose.local.yml

@@ -33,7 +33,7 @@ services:
 
 
   waf:
-    image: owasp/modsecurity-crs:3.3.4-apache-alpine-202304160904
+    image: owasp/modsecurity-crs:3.3.5-apache-alpine-202402140602
     environment:
       - PARANOIA=1
       - ANOMALY_INBOUND=10

docker-compose.yml

@@ -28,10 +28,10 @@ services:
       - traefik.http.middlewares.waf.plugin.traefik-modsecurity-plugin.cacheKeyIncludeRequestURI=true
       - traefik.http.middlewares.waf.plugin.traefik-modsecurity-plugin.cacheKeyIncludeHeaders=true
       - traefik.http.middlewares.waf.plugin.traefik-modsecurity-plugin.cacheKeyHeaders=["User-Agent]
-      - traefik.http.middlewares.waf.plugin.traefik-modsecurity-plugin.cacheKeyIncludeRemoteAddress=false
+      - traefik.http.middlewares.waf.plugin.traefik-modsecurity-plugin.cacheKeyIncludeRemoteAddress=true
 
   waf:
-    image: owasp/modsecurity-crs:3.3.4-nginx-alpine-202304160904
+    image: owasp/modsecurity-crs:3.3.5-apache-alpine-202402140602
     environment:
       - PARANOIA=1
       - ANOMALY_INBOUND=10

modsecurity.go

@@ -60,9 +60,9 @@ func CreateConfig() *Config {
 		CacheConditionsNoBody:  boolPtr(true),
 
 		CacheKeyIncludeHost:          boolPtr(true),
-		CacheKeyIncludeHeaders:       boolPtr(false),
-		CacheKeyHeaders:              []string{"Authorization", "User-Agent", "Cache-Control"},
-		CacheKeyIncludeRemoteAddress: boolPtr(false),
+		CacheKeyIncludeHeaders:       boolPtr(true),
+		CacheKeyHeaders:              []string{"User-Agent"},
+		CacheKeyIncludeRemoteAddress: boolPtr(true),
 	}
 
 	finalize := Config{