___ ___ _________
___\ \ / \ | _____/
( __\ \ /\ / _ \ | |___
\ \ \ \/ \/ / \ \| __/ >>> A simple Web Application Firewall docker image.
___) \ \ /\ /---\ \ |
\_____/ \_/ \_/ \____|
sWAF is a simple Web Application Firewall docker image, pre-configured to be easily used within your web services architecture.
It runs NGINX as a dedicated reverse proxy embedding powerful WAF engines: ModSecurity 3, using OWASP® ModSecurity Core Rule Set (CRS) rules, and NAXSI. It uses acme.sh for Let's Encrypt and others free CA support.
A lot of people are self-hosting their own cloud infrastructure (using Nextcloud, Synology, QNAP, a cloud lease server or home-made solutions...), but we can never be too much paranoid about web security for a lot of good reasons. Too much time security is left on background, or only by using some basics - but not sufficient - options, and applications are front-faced to the big bad Internet.
That's why sWAF is here to offer a simple WAF docker image acting as an infrastructure security asset ready to be deployed wherever into your network infrastructure:
[Client] --hxxp(s)://drive.example.com
--> [sWAF > rProxy+Security] --hxxp://a.b.c.d:6666
--> [webservice1]
- NGINX with:
- LibreSSL & TLS 1.3 support.
- ModSecurity 3 & OWASP® ModSecurity Core Rule Set.
- NAXSI. (Roadmap v0.2.0)
- acme.sh for Let's Encrypt and others free CA support. (Roadmap v0.2.0)
- Homepage: [swaf-project.github.io]
- Git Repository: [https://github.com/swaf-project/swaf-docker.git]
- Docker Hub: [swafproject/swaf]
- Issues Tracker: [Bugs & Support]
- Documentation: [Wiki] or [Clone Wiki Documentation] to get a local copy.
-
Get sWAF docker image:
docker pull swafproject/swaf
-
Start a sWAF container:
docker run -d --name swaf --restart always --net host swafproject/swaf
-
Test it:
TODO Testing GIF
-
Check out [Wiki] documentation for all details about usage.
Build details on [Wiki/Build-Details]
- Releases are built in [swafproject/swaf] repository on Docker Hub. Checkout [Releases Page] for details.
-
master
branch is continuously built in [swafproject/swaf-dev] repository on Docker Hub. -
Last development status (based on master HEAD):
-
DO NOT use development image for your production, the only purpose of this image is for development!
Change details are listed into [CHANGELOG.md].
Feel free to submit enhancement proposal via [Pull Requets]!
Please check [Contributing] by Marc Diethelm for more details about how to do.
A project initiated by @styx0x6.
sWAF - A simple Web Application Firewall docker image.
Copyright © 2020 @styx0x6
This file is part of sWAF. This software is licensed under the European Union Public License 1.2 (EUPL-1.2), published in Official Journal of the European Union (OJ) of 19 May 2017 and available in 23 official languages of the European Union.
The English version is included with this software. Please see the following page for all the official versions of the EUPL-1.2:
https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12