This project implements a secure reverse proxy in Python between OpenWebUI and Ollama, adding a real-time security layer using Palo Alto Networks AIRS.
The proxy intercepts every user prompt and model response to analyze it for malicious or sensitive content. If approved, the prompt or response is forwarded; otherwise, it is blocked with an appropriate explanation.
- Scans user prompts using AIRS before reaching the LLM
- Scans model responses before returning to the user
- Transparent fallback proxy for other Ollama API routes
- Blocks toxic, malicious, or sensitive content
- Fully dockerized for fast deployment
- Compatible with OpenWebUI + Ollama models (e.g. LLaMA3)
- Docker & Docker Compose
- A
.envfile with AIRS credentials:
PANW_X_PAN_TOKEN=your-token PANW_PROFILE_ID=your-profile-id PANW_PROFILE_NAME=your-profile-name
-
Clone the repository: git clone https://github.com/your-user/python_ai_proxy.git cd python_ai_proxy
-
Add a
.envfile with your AIRS credentials. -
Build & run the stack: docker-compose up --build
-
Open OpenWebUI at: http://localhost:8080
. βββ airs.py # AIRS integration logic βββ main.py # FastAPI application βββ ollama.py # Helper for Ollama calls βββ Dockerfile # Python proxy container βββ docker-compose.yml # Full stack definition βββ requirements.txt # Python dependencies βββ .env # Environment variables (ignored by git)
{ "message": { "role": "assistant", "content": "β Response blocked by Palo Alto AIRS.\n\nCategory: sensitive_content\nSuggestion: Please reformulate your prompt." }, "done": true }
- Python 3.11
- FastAPI + Uvicorn
- aiohttp + requests
- OpenWebUI frontend
- Ollama for local models
- Palo Alto Networks AIRS
MIT License β see LICENSE for details.
- Based on Palo Alto Networks AIRS API
- Powered by Ollama + OpenWebUI