Skip to content

Handy, High performance, ModSecurity compatible Nginx firewall module & 方便、高性能、兼容 ModSecurity 的 Nginx 防火墙模块

License

Notifications You must be signed in to change notification settings

phuongvietvu0306/ngx_waf

 
 

Repository files navigation

ngx_waf

test docs docker Codacy Badge

Notification Discussion EN Discussion CN

English | 简体中文

Handy, High performance Nginx firewall module.

Why ngx_waf

  • Basic protection: such as black and white list of IPs or IP range, uri black and white list, and request body black list, etc.
  • Easy to use: configuration files and rule files are easy to write and readable.
  • High performance: Efficient algorithms and caching.
  • Advanced protection: ModSecurity compatible, you can use OWASP(Open Web Application Security Project®) ModSecurity Core Rule Set.
  • Friendly crawler verification: Supports verifying Google, Bing, Baidu and Yandex crawlers and allowing them automatically to avoid false positives.
  • Captcha: Supports three kinds of captchas: hCaptcha, reCAPTCHAv2 and reCAPTCHAv3.

Features

  • ModSecurity compatible. This feature is only available in the latest Current version.
  • Rules that are compatible with ModSecurity.
  • Anti SQL injection (powered by libinjection).
  • Anti XSS (powered by libinjection).
  • IPV4 and IPV6 support.
  • Support for enabling CAPTCHAs, including hCaptcha, reCAPTCHAv2 and reCAPTCHAv3. This feature is only available in the latest Current version.
  • Support authentication-friendly crawlers (based on user agent and IP identification) to avoid blocking of these crawlers (e.g. GoogleBot). This feature is only available in the latest Current version.
  • Anti Challenge Collapsar, it can automatically block malicious IP.
  • Exceptional allow on specific IP address.
  • Block the specified IP address.
  • Block the specified request body.
  • Exceptional allow on specific URL.
  • Block the specified URL.
  • Block the specified query string.
  • Block the specified UserAgent.
  • Block the specified Cookie.
  • Exceptional allow on specific Referer.
  • Block the specified Referer.

Docs

Contact

Sponsor

Hope you can help promote this project. The more stars got, the better this project is. :)

License

BSD 3-Clause License

Thanks

  • ModSecurity: An open source, cross platform web application firewall (WAF) engine.
  • uthash: C macros for hash tables and more.
  • libinjection: SQL / SQLI tokenizer parser analyzer.
  • libsodium: A modern, portable, easy to use crypto library.
  • lastversion: A command line tool that helps you download or install a specific version of a project.
  • ngx_lua_waf: A web application firewall based on the lua-nginx-module (openresty).
  • nginx-book: The Chinese language development guide for nginx.
  • nginx-development-guide: The Chinese language development guide for nginx.

About

Handy, High performance, ModSecurity compatible Nginx firewall module & 方便、高性能、兼容 ModSecurity 的 Nginx 防火墙模块

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • C 88.6%
  • Yacc 5.4%
  • Lex 3.6%
  • Shell 1.8%
  • HTML 0.3%
  • Lua 0.2%
  • Makefile 0.1%