BunkerWeb: Nginx-based open-source Web Application Firewall (WAF)
docs.bunkerweb.ioBunkerWeb effortlessly integrates into your existing environments, whether it's Linux, Docker, Swarm, Kubernetes, or more. Its versatility allows for easy configuration to suit your specific requirements. Don't worry if you prefer a user-friendly interface—BunkerWeb offers an exceptional web UI alongside the command-line interface (CLI), ensuring accessibility for all users.
(BW maintainers here)
Thanks for sharing BW on HN !
I'd love to hear from somebody who has run this in production. What was your experience like? Would you recommend this?
I feel like the last several years have gotten many of us dependent on Cloudflare. I love Cloudflare, but I think it's healthy and important to have an open source WAF that is usable.
(BW maintainers here)
We try our best to fix critical bugs and enhance the user experience. I can tell you that BW is running in production for both homelabs and enterprise.
It's just a wrapper around the abandoned ModSecurity waf.
(BW maintainers here)
ModSecurity is just one security feature included into BW, you can find the full list here : https://docs.bunkerweb.io/latest/security-tuning/
Btw we also have plugins (e.g. coraza) as described here : https://docs.bunkerweb.io/latest/plugins/