🛡️ Open-source and next-generation Web Application Firewall (WAF)

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

ModSecurity v3 Nginx Connector

Handy, High performance, ModSecurity compatible Nginx firewall module & 方便、高性能、兼容 ModSecurity 的 Nginx 防火墙模块

Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.

High-performance WAF built on the OpenResty stack

Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark

🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)

堡塔云WAF，宝塔免费(free)的私有云网站应用防火墙(firewall)，基于docker/nginx/lua开发

Official ModSecurity Docker + Core Rule Set (CRS) images

HTTP & OAuth Gateway and Web Application Firewall (WAF) based on ModSecurity, online demo: https://door.caswaf.com

An NGINX and ModSecurity based Web Application Firewall for Docker

Traefik plugin to proxy requests to owasp/modsecurity-crs:apache container

proxy-wasm filter based on Coraza WAF

Script to install your own Ghost blog, with Nginx and ModSecurity/Naxsi web application firewall. Supports multiple blogs.

Framework for Testing WAFs (FTW!)

The official ModSecurity Docker images

Development repository for nginx-more package

Logstash configuration filter set framework to parse modsecurity audit logs