Home
sWAF is a simple Web Application Firewall Docker image, pre-configured to be easily used within your web services architecture. It runs NGINX as a dedicated reverse proxy embedding powerful WAF engines: ModSecurity 3, using OWASP® ModSecurity Core Rule Set (CRS) rules, and NAXSI. It uses acme.sh for Let's Encrypt and others free CA support.
A lot of people are self-hosting their own cloud infrastructure (using Nextcloud, Synology, QNAP, a cloud lease server or home-made solutions...), but we can never be too much paranoid about web security for a lot of good reasons. Too much time security is left on background, or only by using some basics - but not sufficient - options, and applications are published to the Internet with fully exposed ports.
That's why sWAF is here to offer a simple WAF Docker image acting as an infrastructure security asset ready to be deployed wherever into your network infrastructure:
[Client] --hxxp(s)://drive.cloud.me--> [sWAF > rProxy+Security] --hxxp://a.b.c.d:6666--> [webservice1]
-
NGINX with:
- LibreSSL & TLS 1.3 support.
- ModSecurity 3 & OWASP® ModSecurity Core Rule Set.
- NAXSI. (Roadmap v0.2.0)
- acme.sh for Let's Encrypt and others free CA support. (Roadmap v0.2.0)
- Homepage: [swaf-project.github.io]
- Git Repository: [https://github.com/swaf-project/swaf-docker.git]
- Docker Hub: [swafproject/swaf]
- Issues Tracker: [Bugs & Support]
- Documentation: [Wiki] or [Clone Wiki Documentation]
Build on Alpine Linux Docker image.
Details of used packages versions is listed below.
- Releases are built in [swafproject/swaf] repository on Docker Hub. Checkout releases in [Releases Page].
-
masterbranch is continuously built in [swafproject/swaf-dev] repository on Docker Hub.
Last development image version (based on master HEAD):
Change details are listed into [CHANGELOG.md].
TODO