Security rules
Dhal includes deterministic WAF-style rules.
Rule packs
```json
{
  "rules": {
    "packs": ["generic-web", "api"]
  }
}
```
Available packs:
| Pack | Purpose |
|---|---|
| generic-web | broad web attack surface |
| api | API-oriented request checks |
| auth | login and credential-abuse surfaces |
| wordpress | common WordPress probe detection |
| strict-api | stricter JSON API posture |
Signatures
Built-in signatures include:
- SQL injection;
- XSS;
- path traversal;
- SSRF;
- RCE;
- SSTI;
- GraphQL introspection probes;
- WordPress probes;
- bad user agents.
Rule catalog
List rules:
```bash
npx dhal rules
npx dhal rules --json
```
Public API:
```js
import {
  getDhalRuleCatalog,
  findDhalRule,
  DHAL_RULE_CATALOG
} from "@rokadhq/dhal";
```
Severity
Configure severity by category and rule ID:
```json
{
  "policy": {
    "severity": {
      "default": "low",
      "categories": {
        "signature": "high",
        "honeypot": "critical"
      },
      "rules": {
        "signature.path_traversal": "critical"
      }
    }
  }
}
```
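A severity block like the one above can be linted before it is deployed, so that a typo in a level name or a per-rule override that lowers a rule below its category does not go unnoticed. The following is an added example, not Dhal's own code: it assumes the precedence rule ID, then category, then default; the ordering `low < medium < high < critical` (`medium` does not appear on this page); and that a rule's category is the part of its ID before the first dot. The placeholder rule IDs are constructed.

```javascript
// Added example, not Dhal's own code. ASSUMPTIONS: level ordering (and the
// "medium" level, which is not on the page), category = rule ID text before
// the first dot, precedence = rule ID override, then category, then default.
const LEVELS = ["low", "medium", "high", "critical"];
const rank = (level) => LEVELS.indexOf(level);
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj || {}, key);
const categoryOf = (ruleId) => ruleId.split(".")[0];

// Effective severity for one rule ID under a policy.severity block.
function resolveSeverity(sev, ruleId) {
  if (has(sev.rules, ruleId)) return sev.rules[ruleId];
  const category = categoryOf(ruleId);
  if (has(sev.categories, category)) return sev.categories[category];
  return sev.default;
}

// Lint a policy.severity block: unknown level names, and per-rule
// overrides that silently lower a rule below the level it would inherit.
function auditSeverity(sev) {
  const findings = [];
  const checkLevel = (where, level) => {
    if (rank(level) === -1) findings.push(`${where}: unknown level "${level}"`);
  };
  checkLevel("default", sev.default);
  for (const [c, l] of Object.entries(sev.categories || {})) checkLevel(`categories.${c}`, l);
  for (const [ruleId, level] of Object.entries(sev.rules || {})) {
    checkLevel(`rules.${ruleId}`, level);
    const inherited = resolveSeverity({ ...sev, rules: {} }, ruleId);
    if (rank(level) !== -1 && rank(inherited) !== -1 && rank(level) < rank(inherited)) {
      findings.push(`rules.${ruleId}: "${level}" is below inherited "${inherited}"`);
    }
  }
  return findings;
}

// The severity block from this page.
const PAGE_SEVERITY = {
  default: "low",
  categories: { signature: "high", honeypot: "critical" },
  rules: { "signature.path_traversal": "critical" },
};
// Constructed sample (rule IDs are placeholders): one downgrade, one typo.
const BAD_SEVERITY = {
  default: "low",
  categories: { signature: "high" },
  rules: { "signature.placeholder_a": "low", "signature.placeholder_b": "hihg" },
};
```

`auditSeverity(PAGE_SEVERITY)` returns no findings, while `auditSeverity(BAD_SEVERITY)` reports the downgrade and the misspelled level.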