Janusec Application Gateway  

README | README中文版

Build Scalable Application Security Infrastructures

Janusec Application Gateway, an application security solution which provides WAF (Web Application Firewall), CC attack defense, unified web administration portal, private key protection, web routing and scalable load balancing. With Janusec, you can build secure and scalable applications.

Key Features

• WAF (Web Application Firewall), block SQL Injection, Cross-site Scripting, Sensitive Data Leakage, CC Attacks etc.
• Group Policy (Cooperation with Multiple Check Points)
• CAPTCHA support
• Unified Web Administration, include Web SSH operation
• OAuth2 support
• HTTPS support, No Agent Required.
• Certificate Protection with Private Key Encrypted Storage
• Scalable Architecture, Load Balance and Multiple Nodes Support

Screenshots

SQL Injection Screenshot

Sensitive Data Leakage Screenshot

Product Web Site

https://janusec.github.io/

Detailed documentation is available at Janusec Application Gateway Documentation.

Requirements

• PostgreSQL 9.3~9.6 or 10 (Required by Development and Master Node of Deployment)
• CentOS/RHEL 7, Debian 9
• systemd
• Golang 1.14+ (Required by Development Only)

Quick Start for Deployment

https://janusec.github.io/documentation/quick-start/

Quick Start for Developer

go get -u github.com/Janusec/janusec
cd $GOPATH/src/github.com/Janusec/janusec

Edit config.json with PostgreSQL

"host": "127.0.0.1",
"port": "5432",
"user": "janusec",
"password": "123456",
"dbname": "janusec"

Janusec will encrypt the password automatically.
Then:

go build
su (switch to root)
./janusec

Web Administration

When listen=false in config.json :

http://your_master_node_ip_address/janusec-admin/ (first use)
https://your_application_domain_name/janusec-admin/ (after certificate configured)

When listen=true in config.json :

http://your_master_node_ip_address:9080/janusec-admin/ (first use)
https://your_master_node_domain_name:9443/janusec-admin/ (after certificate configured)

When using master node only, any application domain name can be used for admin.
But if you have one or more slave nodes, you should apply for a seperate domain name for master node.

Janusec Application Gateway Configuration

Release

go build
su
./release.sh (Only support Linux Now)

The release package is under ./dist .

Web Administration Portal

Release directory is ./static/janusec-admin/ , and source code is available at Janusec-Admin Github with Angular 9.

LICENSE

Janusec Application Gateway source files are made available under the terms of the GNU Affero General Public License (GNU AGPLv3).

Support

• Product: https://janusec.github.io/
• Official site: https://www.janusec.com/
• Email: support#janusec.com
• QQ Group: 776900157 , @U2 (The Author)