A simple, powerful Web Application Firewall using OWASP Coraza with essential security rules to protect your web applications.
- 🔒 Essential OWASP Protection - Blocks SQL injection, XSS, RCE, and more
- ⚡ Real-time Blocking - Instant protection against malicious requests
- 📊 Monitoring Ready - Built-in Prometheus metrics
- 🐳 Docker Native - Easy deployment with Docker Compose
- 🔧 Easy Integration - Works with Traefik, Nginx, Apache
```bash
# Download and run
git clone https://github.com/gsmel/coraza-traefik-WAF
cd coraza-traefik-WAF
docker compose up -d --build
```

```bash
# Normal request (should work)
curl http://localhost:9080
# Malicious request (should be blocked)
curl -d "hack=<script>alert('xss')</script>" http://localhost:9080
# Response: Forbidden
# View metrics
curl http://localhost:9090/metrics
```

Choose your reverse proxy:
See integrations/traefik-middleware.yml for complete setup.
See integrations/nginx-auth.conf for configuration.
See integrations/apache-proxy.conf for configuration.
```
├── docker-compose.yml          # Main deployment
├── Dockerfile                  # WAF container
├── main.go                     # WAF application
├── rules/                      # OWASP security rules
├── integrations/               # Reverse proxy configs
│   ├── traefik-middleware.yml
│   ├── nginx-auth.conf
│   └── apache-proxy.conf
├── LICENSE                     # Apache 2.0 license
└── .gitignore                  # Git ignore rules
```
- Logs: `docker compose logs -f coraza`
- Metrics: http://localhost:9090/metrics
- Status: `docker ps | grep coraza`
Edit `rules/crs-setup.conf` to adjust:
- Security strictness (paranoia level)
- Blocking thresholds
- Custom exclusions

Restart after changes: `docker compose restart`
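
The three adjustments listed above, as an added example (not the repository's own file). It assumes `rules/crs-setup.conf` follows the upstream OWASP CRS setup layout; the exclusion's rule id, path and parameter name are hypothetical.

```apache
# Added example, not the repository's own file. Assumes rules/crs-setup.conf
# follows the upstream OWASP CRS setup layout (rule ids 900000 and 900110).

# 1. Security strictness. CRS 4.x reads tx.blocking_paranoia_level;
#    CRS 3.x reads tx.paranoia_level instead. Level 1 is the baseline;
#    levels 2-4 enable stricter rules and produce more false positives.
SecAction \
    "id:900000,\
    phase:1,\
    pass,\
    t:none,\
    nolog,\
    setvar:tx.blocking_paranoia_level=1"

# 2. Blocking thresholds. A critical rule match adds 5 to the anomaly score,
#    so inbound=5 blocks on a single critical match.
#    Weak: a very high value such as 10000 logs matches but never blocks.
#    setvar:tx.inbound_anomaly_score_threshold=10000
SecAction \
    "id:900110,\
    phase:1,\
    pass,\
    t:none,\
    nolog,\
    setvar:tx.inbound_anomaly_score_threshold=5,\
    setvar:tx.outbound_anomaly_score_threshold=4"

# 3. Custom exclusion, scoped as narrowly as possible: one rule, one
#    parameter, one path. The id 1000, the path /api/comments and the
#    parameter "body" are hypothetical; 941100 is the CRS libinjection XSS rule.
SecRule REQUEST_URI "@beginsWith /api/comments" \
    "id:1000,\
    phase:1,\
    pass,\
    t:none,\
    nolog,\
    ctl:ruleRemoveTargetById=941100;ARGS:body"
```

After restarting, rerun the malicious `curl` request from the quick start to confirm it still returns Forbidden.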
- Fork the repository
- Create a feature branch
- Make your changes
- Test thoroughly
- Submit a pull request
Licensed under the Apache License 2.0 - see LICENSE file.
- Traefik: v2.10
- Coraza: v3.0.0
- Alpine: 3.19 (base image)
- Based on official OWASP Coraza project
- Last Updated: April 2025