BunkerWeb
zitadel
BunkerWeb | zitadel | |
---|---|---|
16 | 80 | |
3,485 | 7,102 | |
2.1% | 6.6% | |
9.9 | 9.8 | |
1 day ago | 2 days ago | |
Lua | Go | |
GNU Affero General Public License v3.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
BunkerWeb
- BunkerWeb: Nginx-based open-source Web Application Firewall (WAF)
-
How do you protect your network before exposing 80/443 to the world?
Keep in mind that integrating a WAF can render certain apps not working if the security configuration is set too paranoid. There are a lot of examples for apps that might be affected, though.
-
Nginx Proxy Manager
Its documentation is nice as well. You can also find them on Discord and the GitHub repo is also pretty clean and have many example configurations there.
-
Security - Use VPS as reverse proxy only or actually host apps in it?
This also effectively allows your killswitch to be Nginx on the VPS while still allowing local network traffic at home. You can take it a step further and geoblock countries and more with https://github.com/bunkerity/bunkerweb.
-
NGINX or Caddy?
I know you asked about Nginx vs Caddy but to throw another one into the mix have a look at BunkerWeb. I only started using it within the last couple of months but it's based on Nginx with a tonne of usability and security improvements. I now use BunkerWeb to expose services externally and Traefik internally.
-
[Help] Simple static website in multi-site setup.
Creating a new discussion here doesn't seem to be an option (doesn't allow me to do so) so I came here.
- bunkerweb - Make your web services secure by default
-
Rebuiding my entire server - Looking for advises to start on a right foot
There's also a security optimized NGINX image called BunkerWeb. It has a WAF builtin and an optional web interface.
-
Structure of my rebuilt HomeServer with Podman
Right now I'm doing a similar setup but I want to use NGINX with integrated WAF.
-
Pre-compiled Modsecurity for Nginx in Centos
Bunkerised nginx comes me in mind here https://github.com/bunkerity/bunkerized-nginx
zitadel
- Maintainers of Zitadel and Ory discuss their tradeoffs as identity platforms
- Show HN: Auth0 OSS alternative Ory Kratos now with passwordless and SMS support
-
A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
ZITADEL Cloud — A turnkey user and access management that works for you and supports multi-tenant (B2B) use cases. Free for up to 25,000 authenticated requests, with all security features (no paywall for OTP, Passwordless, Policies, and so on).
-
Ask HN: Technical Challenges in Building Multi-Tenant SaaS Products
One of the challenges we see is providing self-service for team management. That includes letting an admin assign roles to their users, manage user lifecycle (eg through sso), and setting up security policies. For sure you can build the basics, but it becomes complex later on if you manage a lot of tenants or or more enterprise customers. For Auth only there are many solutions out there that work great. There's only a few solutions with multi-tenancy at the core, though, like https://github.com/zitadel/zitadel
- B2B identity infrastructure written in Go
-
14 DevOps and SRE Tools for 2024: Your Ultimate Guide to Stay Ahead
ZITADEL
-
Okta Says Hackers Stole Data for All Customer Support Users
Check out ZITADEL! (full disclosure, I'm part of the team)
It's an open-source IAM solution. It offers a cloud-based SaaS option and can also be downloaded for self-hosting. You can try the hosted cloud version for free - https://zitadel.com/signin
It provides:
- authentication and authorization capabilities (including IdP Federation)
- auditing
- custom extensions
- support for standards such as OIDC/OAuth/SAML/LDAP
- full API support
- various authorization strategies, including Role-Based Access Control (RBAC) and Delegated Access, making it a great choice for both B2C and B2B scenarios.
It mostly aims to ensure ease of operation and scalability (users love the simplicity). The community and team actively contribute towards development and support.
You can download it and host it yourself - https://zitadel.com/docs/self-hosting/deploy/overview
Github- https://github.com/zitadel/zitadel
Case studies and testimonials - https://zitadel.com/blog/tags/successstory
-
Ask HN: Who's looking for contributors for OSS Projects
Check out ZITADEL, an open source identity and access management solution - https://github.com/zitadel/zitadel
A good starting place is the issues. You can also check our documentation and make PRs for improvements. And feel free to jump into discussions. We also give swag to our first-time contributors as a token of appreciation.
-
🚀 ZITADEL v2.40.0 is out!
Go on and try it ➡️ https://zitadel.cloud See what's new ➡️ https://github.com/zitadel/zitadel/releases/tag/v2.40.0
- Show HN: Obligator – An OpenID Connect server for self-hosters
What are some alternatives?
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
authentik - The authentication glue you need.
miniProxy
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
traefik-modsecurity-plugin - Traefik plugin to proxy requests to owasp/modsecurity-crs:apache container
Ory Kratos - Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market!
traefik - The Cloud Native Application Proxy
casdoor - An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA and RADIUS [Moved to: https://github.com/casdoor/casdoor]
socks5-proxy-server - SOCKS5 proxy server
Ory Hydra - OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
nginx-proxy - Automated nginx proxy for Docker containers using docker-gen [Moved to: https://github.com/nginx-proxy/nginx-proxy]
SuperTokens Community - Open source alternative to Auth0 / Firebase Auth / AWS Cognito