My enterprise open-source Web Application Firewall
- License
MyWaf is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
MyWaf is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with MyWaf. If not, see http://www.gnu.org/licenses/.
- Overview
MyWaf is a set of scripts intended to ease the installation and configuration of a Web Application Firewall on a Linux/Debian Wheezy distribution.
- Installation
In a shell:
wget https://raw.github.com/anaoy/mywaf/master/mywafinstall.sh
chmod +x mywafinstall.sh
sudo ./mywafinstall.sh
- Usage
To get a working WAF, you have to:
  - Add a VHOST
  - Start learning mode on this VHOST
  - Exercise every legitimate user input on the site (reach it by modifying your hosts file; we recommend publishing the DNS entry after the whole process)
  - Stop learning mode on the VHOST
  - Understand the rules
  - You're done!
MyWaf usage:
------------
mywaf [add VHOST IP | del VHOST]         Add/delete selected VHOST
mywaf list                               List enabled VHOST
mywaf [learn VHOST | stoplearn VHOST]    Enable/disable learning mode on VHOST
mywaf understand VHOST                   Process whitelist from logs (CARE if you've ALREADY been ATTACKED!)
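
A pre-flight check for the learning workflow above, added here as an example and not part of MyWaf: because `mywaf understand` builds the whitelist from what was logged, it lists every client that reached the VHOST during learning other than the testers' own addresses. It assumes an access log in common/combined format (client IP as the first field); the function names and the sample log are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of MyWaf. Assumption: the learning-period access log
# is in common/combined log format, i.e. the client IP is the first field.

# Print "count ip" for every client IP in LOG that is not in the trusted list.
# usage: untrusted_sources LOG TRUSTED_IP [TRUSTED_IP ...]
untrusted_sources() {
    log=$1; shift
    awk -v trusted="$*" '
        BEGIN { n = split(trusted, t, " "); for (i = 1; i <= n; i++) ok[t[i]] = 1 }
        NF && !($1 in ok) { seen[$1]++ }
        END { for (ip in seen) print seen[ip], ip }
    ' "$log" | sort -k1,1nr -k2,2
}

# Succeeds only when every logged request came from a trusted tester.
# usage: learning_log_is_clean LOG TRUSTED_IP [TRUSTED_IP ...]
learning_log_is_clean() {
    [ -z "$(untrusted_sources "$@")" ]
}

# Constructed sample log (documentation addresses, not real traffic).
make_sample_log() {
    cat <<'EOF'
192.0.2.10 - - [01/Jan/2014:10:00:01 +0000] "GET / HTTP/1.1" 200 512
192.0.2.10 - - [01/Jan/2014:10:00:05 +0000] "POST /login HTTP/1.1" 302 0
198.51.100.7 - - [01/Jan/2014:10:01:12 +0000] "GET /search?q=test HTTP/1.1" 200 900
198.51.100.7 - - [01/Jan/2014:10:01:13 +0000] "GET /search?q=abc HTTP/1.1" 200 900
203.0.113.4 - - [01/Jan/2014:10:02:40 +0000] "GET /index.php HTTP/1.1" 404 162
EOF
}

# Demo: 192.0.2.10 is the only tester who edited their hosts file.
sample=$(mktemp) && make_sample_log > "$sample"
if learning_log_is_clean "$sample" 192.0.2.10; then
    echo "only trusted testers seen: whitelist generation can proceed"
else
    echo "unexpected sources during learning, review before generating the whitelist:"
    untrusted_sources "$sample" 192.0.2.10
fi
rm -f "$sample"
```

Run it against the real log between `mywaf stoplearn VHOST` and `mywaf understand VHOST`, passing the testers' addresses as the trusted list.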