styx0x6 edited this page Nov 8, 2020 · 13 revisions

Welcome to the sWAF Wiki

sWAF is a simple Web Application Firewall docker image, pre-packaged to be easily used within your web services architecture.

It runs NGINX as a dedicated reverse proxy embedding powerful WAF engines: ModSecurity 3, using OWASP® ModSecurity Core Rule Set (CRS) rules, and NAXSI. It uses acme.sh to support Let's Encrypt and other free CAs.

This Wiki will be improved continuously. Feel free to open issues, submit pull requests, or join the discussion on the Discord channel (to come).

Architecture

sWAF is a docker image acting as an infrastructure security asset, ready to be deployed anywhere in your network infrastructure:

[Client] --hxxp(s)://drive.example.com--> [sWAF > rProxy+Security] --hxxp://a.b.c.d:6666--> [webservice1]

TODO Improved examples.

Main Features

  • NGINX with:
    • LibreSSL & TLS 1.3 support.
    • ModSecurity 3 & OWASP® ModSecurity Core Rule Set.
    • NAXSI. (Roadmap v0.2.0)
  • acme.sh for Let's Encrypt and other free CA support. (Roadmap v0.2.0)

Deploy & Configure

Go directly to the next page for all details.

Third-Parties

This project uses third-party resources. Below are their associated licensing terms: