ModSecurity-nginx
BunkerWeb
Our great sponsors
ModSecurity-nginx | BunkerWeb | |
---|---|---|
4 | 16 | |
1,420 | 3,414 | |
1.4% | 2.0% | |
5.7 | 9.9 | |
1 day ago | 5 days ago | |
Perl | Lua | |
Apache License 2.0 | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ModSecurity-nginx
-
NGINX WAF alternatives: App Protect vs. ModSecurity vs. open-appsec
ModSecurity v3 has also introduced major changes in how ModSecurity works. The entire WAF is not packed together anymore. Instead, the single libmodsecurity engine is paired with a connector module that interfaces the application with the server. Different connectors are available based on the server and are hosted as independent packages. This means that there's a separate ModSecurity v3 Nginx Connector project.
-
What (software, open source) WAF are you using with (open source) Nginx?
I'm currently erring toward ModSecurity & the Nginx connector now that it's been de-Apache'd.
-
How to implement WAF on Kong Ingress controller? (like ModSecurity v3)
ModSecurity Connector: https://github.com/SpiderLabs/ModSecurity-nginx
BunkerWeb
- BunkerWeb: Nginx-based open-source Web Application Firewall (WAF)
-
Nginx Proxy Manager
Its documentation is nice as well. You can also find them on Discord and the GitHub repo is also pretty clean and have many example configurations there.
-
NGINX or Caddy?
I know you asked about Nginx vs Caddy but to throw another one into the mix have a look at BunkerWeb. I only started using it within the last couple of months but it's based on Nginx with a tonne of usability and security improvements. I now use BunkerWeb to expose services externally and Traefik internally.
-
Rebuiding my entire server - Looking for advises to start on a right foot
There's also a security optimized NGINX image called BunkerWeb. It has a WAF builtin and an optional web interface.
-
Structure of my rebuilt HomeServer with Podman
Right now I'm doing a similar setup but I want to use NGINX with integrated WAF.
-
Top 10 Developer Trends, Thu Oct 22 2020
bunkerity / bunkerized-nginx
What are some alternatives?
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
nginx-waf - Nginx + ModSecurity WAF
ModSecurity - ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
coraza - OWASP Coraza WAF is a golang modsecurity compatible web application firewall library
miniProxy
traefik-modsecurity-plugin - Traefik plugin to proxy requests to owasp/modsecurity-crs:apache container
traefik - The Cloud Native Application Proxy
socks5-proxy-server - SOCKS5 proxy server
nginx-proxy - Automated nginx proxy for Docker containers using docker-gen [Moved to: https://github.com/nginx-proxy/nginx-proxy]
imgproxy - Fast and secure standalone server for resizing and converting remote images
lua-resty-waf - High-performance WAF built on the OpenResty stack
widevine-l3-decryptor - A Chrome extension that demonstrates bypassing Widevine L3 DRM