Project Description: SamWaf

What is the project about?

SamWaf is a lightweight, open-source Web Application Firewall (WAF). It's designed to protect websites and APIs from common web attacks.

What problem does it solve?

It addresses the need for a privately deployable, low-cost, and customizable WAF solution, particularly for small businesses, studios, and personal websites. It avoids the high costs of commercial WAFs and the privacy concerns of cloud-based solutions. It also allows for greater customization than typical WAF plugins. It provides visibility into website traffic and attacks.

What are the features of the project?

  • Completely open-source: The entire codebase is available.
  • Private deployment: Can be run on your own servers.
  • Lightweight: Minimal resource usage, no reliance on third-party services.
  • Independent engine: Doesn't depend on web servers like IIS or Nginx.
  • Customizable rules: Protection rules can be defined via scripts or a GUI.
  • Access control: Supports allowlists and blocklists for IPs and URLs.
  • Data privacy: Supports designated data privacy output.
  • CC attack mitigation: Protection against Connection/Request flood attacks.
  • Configuration: Global and per-website settings.
  • Security: Encrypted log storage, communication, and data obfuscation.
  • OWASP CRS support: Integrates with the OWASP Core Rule Set.
  • SSL management: Automatic certificate application and renewal, bulk expiration checks.
  • IPv6 Support
  • Customizable blocking page
  • Docker Support

What are the technologies used in the project?

  • The architecture diagram suggests a custom-built engine.
  • Go (Golang) is implied by the samwafgo GitHub organization and compilation instructions.
  • Supports Windows, Linux (64-bit and Arm64), and Docker deployments.

What are the benefits of the project?

  • Cost-effective: Free and open-source.
  • Privacy-focused: Data is processed locally, not sent to the cloud.
  • Customizable: Rules can be tailored to specific needs.
  • Easy to deploy: Simple startup process, service installation options.
  • Improved security posture: Protects against common web attacks.
  • Visibility: Provides insights into website traffic and attack attempts.

What are the use cases of the project?

  • Protecting small business websites.
  • Securing personal websites and blogs.
  • Protecting APIs.
  • Providing a WAF solution for studios or small development teams.
  • Any scenario where a lightweight, privately deployable WAF is needed.