{"id":17696036,"url":"https://github.com/cletqui/imperva-waf_direct-access","last_synced_at":"2025-07-20T11:31:41.219Z","repository":{"id":196561101,"uuid":"696367968","full_name":"cletqui/Imperva-WAF_direct-access","owner":"cletqui","description":"Check if your Imperva WAF protected websites are accessible directly!","archived":false,"fork":false,"pushed_at":"2024-05-24T14:32:07.000Z","size":56,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-07-06T19:15:44.061Z","etag":null,"topics":["application-security","cybersecurity","imperva","waf","web-application-firewall"],"latest_commit_sha":null,"homepage":"https://www.imperva.com/products/web-application-firewall-waf/","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cletqui.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-09-25T15:50:22.000Z","updated_at":"2024-05-24T14:32:10.000Z","dependencies_parsed_at":"2024-10-24T17:48:25.003Z","dependency_job_id":"1cf8c485-b046-4929-8aa4-c34bfa68a520","html_url":"https://github.com/cletqui/Imperva-WAF_direct-access","commit_stats":null,"previous_names":["cletqui/imperva-waf_direct-access"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/cletqui/Imperva-WAF_direct-access","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cletqui%2FImperva-WAF_direct-access","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cletqui%2FImperva-WAF_direct-access/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cletqui%2FImperva-WAF_direct-access/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cletqui%2FImperva-WAF_direct-access/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cletqui","download_url":"https://codeload.github.com/cletqui/Imperva-WAF_direct-access/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cletqui%2FImperva-WAF_direct-access/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266116858,"owners_count":23878961,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["application-security","cybersecurity","imperva","waf","web-application-firewall"],"created_at":"2024-10-24T14:43:07.399Z","updated_at":"2025-07-20T11:31:41.194Z","avatar_url":"https://github.com/cletqui.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Imperva-WAF_direct-access\n\n## Description\n\nImperva-WAF_direct-access is a project designed to help you check whether the backend of your websites behind an Imperva Web Application Firewall ([WAF](https://www.imperva.com/products/web-application-firewall-waf/)) is directly accessible without going through the WAF. This can be a valuable security measure to ensure that traffic is routed through your WAF as recommended (c.f. [Imperva Documentation](https://www.imperva.com/blog/how-to-maximize-your-waf/)).\n\n## Table of Contents\n\n- [Imperva-WAF\\_direct-access](#imperva-waf_direct-access)\n  - [Description](#description)\n  - [Table of Contents](#table-of-contents)\n  - [Features](#features)\n  - [Installation](#installation)\n  - [Imperva API Setup](#imperva-api-setup)\n  - [Usage](#usage)\n    - [Options](#options)\n    - [Examples](#examples)\n  - [Acknowledgments](#acknowledgments)\n  - [Roadmap](#roadmap)\n  - [Support](#support)\n  - [Contributing](#contributing)\n  - [License](#license)\n  - [Project Status](#project-status)\n\n## Features\n\n- Check if backend servers are directly accessible without the WAF.\n- Option to list only the websites names (to see exactly what sites are secured by your WAF).\n- User-friendly and easy to run.\n\n## Installation\n\n1. Clone this repository:\n\n   ```bash\n   git clone https://github.com/cletqui/Imperva-WAF_direct-access.git\n   ```\n\n2. Navigate to the project directory:\n\n   ```bash\n   cd Imperva-WAF_direct-access\n   ```\n\n3. Make the script executable:\n\n   ```bash\n   chmod +x check_direct_access.sh\n   ```\n\n## Imperva API Setup\n\nTo use this repository with Imperva API, you need to create a `.env` file in the project directory with the following credentials:\n\n1. **API Endpoint**:\n   Set the API endpoint URL as follows:\n\n   ```plaintext\n   API_ENDPOINT=\"https://my.imperva.com/api/prov/v1/sites/list\"\n   ```\n\n2. **API Credentials**:\n   Provide your Imperva API credentials:\n\n   - API_ID: Your API ID\n   - API_KEY: Your API Key\n\n   ```plaintext\n   API_ID=00000\n   API_KEY=\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n   ```\n\n3. **Account ID**:\n   Specify your Imperva Account ID:\n\n   ```plaintext\n   ACCOUNT_ID=0000000\n   ```\n\nEnsure that you replace the placeholder values with your actual Imperva API information. Keep this `.env` file secure and do not share it publicly. It is explicitely excluded in `.gitignore`.\n\n## Usage\n\nTo use this script, you can run it from the command line with the following options:\n\n```bash\n./check_direct_access.sh check.py [OPTIONS]\n```\n\nRemember to replace the option values with your specific choices and ensure that you have created a `.env` file with your Imperva API credentials as explained in the previous section.\n\n### Options\n\n- `-v, --verbose`: Enable verbose mode (log it into logs.txt).\n- `-a, --all`: Include all websites (only unsafe websites by default).\n- `-o, --output \u003cfile\u003e`: Specify the output file (with a .json extension).\n- `-t, --timeout \u003ctimeout\u003e`: Specify the timeout in seconds (positive integer).\n- `-l, --list-only`: List only websites (no check is performed).\n- `-e, --env \u003cfile\u003e`: Specify the path to a .env file for environment variables.\n- `-h, --help`: Display this help message.\n\n### Examples\n\n1. **Basic Usage**:\n\n   ```bash\n   ./check_direct_access.sh -v -a -o output.json -t 10 -e .env\n   ```\n\n2. **Minimum Usage**:\n\n   ```bash\n   ./check_direct_access.sh\n   ```\n\n3. **Display Help**:\n\n   ```bash\n   ./check_direct_access.sh -h\n   ```\n\n## Acknowledgments\n\n- [Imperva](https://www.imperva.com/) for their Web Application Firewall technology.\n- Contributors: List any contributors here.\n\n## Roadmap\n\n- [x] Return data in JSON.\n- [ ] Add option to test only selected websites\n- [ ] Improve user interface and error handling.\n- [ ] Add additional security checks.\n- [ ] Adapt shell scritp to Python.\n\n## Support\n\nIf you have any questions or encounter issues, please open an [issue](https://github.com/cletqui/Imperva-WAF_direct-access/issues).\n\n## Contributing\n\nContributions are welcome! Feel free to open an issue or submit a pull request.\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n\n## Project Status\n\nThis project is actively maintained and open to contributions.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcletqui%2Fimperva-waf_direct-access","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcletqui%2Fimperva-waf_direct-access","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcletqui%2Fimperva-waf_direct-access/lists"}