Skip to content
/ caswaf Public

Web Application Firewall (WAF), aligned with ModSecurity, powered by Casbin and Casdoor

License

Notifications You must be signed in to change notification settings

iLern/caswaf

Repository files navigation

📦⚡️ CasWAF

An open-source Web Application Firewall (WAF) software developed by Go and React.

semantic-release docker pull casbin/caswaf GitHub Release Docker Image Version (latest semver)

Go Report Card license GitHub issues GitHub stars GitHub forks

Online Demo

Deployed site: https://waf.casbin.com/

Architecture

CasWAF contains 2 parts:

Name Description Language Source code
Frontend Web frontend UI for CasWAF Javascript + React https://github.com/casbin/caswaf/tree/master/web
Backend RESTful API backend for CAsWAF Golang + Beego + MySQL https://github.com/casbin/caswaf

Installation

CasWAF uses Casdoor to manage members. So you need to create an organization and an application for CasWAF in a Casdoor instance.

Necessary configuration

Get the code

go get github.com/casbin/casdoor
go get github.com/casbin/caswaf

or

git clone https://github.com/casbin/casdoor
git clone https://github.com/casbin/caswaf

Setup database

CasWAF will store its users, nodes and topics informations in a MySQL database named: caswaf, will create it if not existed. The DB connection string can be specified at: https://github.com/casbin/caswaf/blob/master/conf/app.conf

dataSourceName = root:123@tcp(localhost:3306)/

CasWAF uses XORM to connect to DB, so all DBs supported by XORM can also be used.

Configure Casdoor

After creating an organization and an application for CasWAF in a Casdoor, you need to update clientID, clientSecret, casdoorOrganization and casdoorApplication in app.conf.

Run CasWAF

  • Configure and run CasWAF by yourself. If you want to learn more about caswaf.
  • Open browser: http://localhost:16001/

Optional configuration

Setup your WAF to enable some third-party login platform

CasWAF uses Casdoor to manage members. If you want to log in with oauth, you should see casdoor oauth configuration.

OSS, Mail, and SMS services

CasWAF uses Casdoor to upload files to cloud storage, send Emails and send SMSs. See Casdoor for more details.

Contribute

For CasWAF, if you have any questions, you can give Issues, or you can also directly start Pull Requests(but we recommend giving issues first to communicate with the community).

License

Apache-2.0

About

Web Application Firewall (WAF), aligned with ModSecurity, powered by Casbin and Casdoor

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published