一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术，作为反向代理接入，保护你的网站不受黑客攻击。

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…

🛡️ Make your web services secure by default !

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

Handy, High performance, ModSecurity compatible Nginx firewall module & 方便、高性能、兼容 ModSecurity 的 Nginx 防火墙模块

ModSecurity v3 Nginx Connector

High-performance WAF built on the OpenResty stack

Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark

🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)

一款社区驱动的免费、高性能、高扩展顶级Web应用和API安全防护产品-南墙,Web应用防火墙,WAF

HTTP & OAuth Gateway and Web Application Firewall (WAF) based on ModSecurity, online demo: https://door.caswaf.com

An NGINX and ModSecurity based Web Application Firewall for Docker

Official ModSecurity Docker + Core Rule Set (CRS) images

Script to install your own Ghost blog, with Nginx and ModSecurity/Naxsi web application firewall. Supports multiple blogs.

The official ModSecurity Docker images

Framework for Testing WAFs (FTW!)

Traefik plugin to proxy requests to owasp/modsecurity-crs:apache container

Development repository for nginx-more package

Logstash configuration filter set framework to parse modsecurity audit logs

multitenant ModSecurity compatible WAF engine from Edgio