But when I have used the coreruleset which I downloaded to the server I am receiving a 500 status in any response from caddy for any request.
I have a very large set of backend servers (~10) and every time I test it takes a while and I have yet to find a Caddyfile that will just work out of the box as is without any customization.
My setup is composed mainly of wordpress sites.
I tested a very simple configuration on my server (basically their sample) and it worked:
https://domain.tld {
tls {
on_demand
}
encode zstd gzip
coraza_waf {
load_owasp_crs
directives `
Include @coraza.conf-recommended
Include @crs-setup.conf.example
Include @owasp_crs/*.conf
SecRuleEngine On
`
}
reverse_proxy host:port
}
This is as of Caddy v2.7.5 and coraza-caddy v2.0.0-rc3. The server I am reverse proxying is also a Wordpress server. Do you mind sharing your configuration (redacted of course)?