-
Notifications
You must be signed in to change notification settings - Fork 7
Home
styx0x6 edited this page Nov 7, 2020
·
13 revisions
sWAF is a simple Web Application Firewall docker image, pre-configured to be easily used within your web services architecture.
It runs NGINX as a dedicated reverse proxy embedding powerful WAF engines: ModSecurity 3, using OWASP® ModSecurity Core Rule Set (CRS) rules, and NAXSI. It uses acme.sh for Let's Encrypt and others free CA support.
This Wiki will be improved continuously. Feel free to open issues, submit pull requests or discuss on - Discord channel to come -.
sWAF is a docker image acting as an infrastructure security asset ready to be deployed wherever into your network infrastructure:
[Client] --hxxp(s)://drive.example.com--> [sWAF > rProxy+Security] --hxxp://a.b.c.d:6666--> [webservice1]
TODO Improved examples.
-
NGINX with:
- LibreSSL & TLS 1.3 support.
- ModSecurity 3 & OWASP® ModSecurity Core Rule Set.
- NAXSI. (Roadmap v0.2.0)
- acme.sh for Let's Encrypt and others free CA support. (Roadmap v0.2.0)
- TODO