{"id":22816503,"url":"https://github.com/ishanoshada/flask-waf","last_synced_at":"2026-02-24T20:38:50.966Z","repository":{"id":265298165,"uuid":"895707507","full_name":"Ishanoshada/Flask-Waf","owner":"Ishanoshada","description":"Flask-WAF is an advanced Web Application Firewall (WAF) extension for Flask applications. It provides comprehensive protection against various web application threats, enhancing the security of your Flask-based web applications.","archived":false,"fork":false,"pushed_at":"2024-11-28T19:20:08.000Z","size":11,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-14T00:48:33.084Z","etag":null,"topics":["api","flask","flask-api","flask-backend","pypi","python","waf"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Ishanoshada.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-28T18:16:26.000Z","updated_at":"2024-11-28T20:25:27.000Z","dependencies_parsed_at":"2024-11-28T20:19:13.416Z","dependency_job_id":"6d37f7bf-21de-4bdf-b729-312e3817f810","html_url":"https://github.com/Ishanoshada/Flask-Waf","commit_stats":null,"previous_names":["ishanoshada/flask-waf"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ishanoshada%2FFlask-Waf","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ishanoshada%2FFlask-Waf/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repo
sitories/Ishanoshada%2FFlask-Waf/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ishanoshada%2FFlask-Waf/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Ishanoshada","download_url":"https://codeload.github.com/Ishanoshada/Flask-Waf/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":237413197,"owners_count":19306035,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","flask","flask-api","flask-backend","pypi","python","waf"],"created_at":"2024-12-12T14:07:45.160Z","updated_at":"2026-02-24T20:38:50.959Z","avatar_url":"https://github.com/Ishanoshada.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"## Flask-WAF\n\nFlask-WAF is an advanced Web Application Firewall (WAF) extension for Flask applications. It provides comprehensive protection against various web application threats, enhancing the security of your Flask-based web applications.\n\n## Table of Contents\n\n1. [Features](#features)\n2. [Installation](#installation)\n3. [Quick Start](#quick-start)\n4. [Configuration](#configuration)\n5. [Advanced Usage](#advanced-usage)\n6. [API Reference](#api-reference)\n7. [Contributing](#contributing)\n8. 
[License](#license)\n\n## Features\n\n- Advanced rule engine for detecting and blocking malicious requests\n- Session protection to prevent session hijacking and fixation attacks\n- Content Security Policy (CSP) implementation\n- Threat intelligence integration\n- Anomaly detection to identify unusual patterns\n- Rate limiting to prevent abuse\n- Comprehensive logging\n- Customizable security rules and policies\n\n## Installation\n\nYou can install Flask-WAF using pip:\n\n```bash\npip install flask-waf\n```\n\nAlternatively, you can install from the source:\n\n```shellscript\ngit clone https://github.com/yourusername/flask-waf.git\ncd flask-waf\npip install -e .\n```\n\n## Quick Start\n\nHere's a simple example of how to use Flask-WAF:\n\n```python\nfrom flask import Flask\nfrom flask_waf import WAF\n\napp = Flask(__name__)\napp.config['SECRET_KEY'] = 'your-secret-key'  # Required for session handling\nwaf = WAF(app)\n\n@app.route('/')\ndef hello_world():\n    return 'Hello, World!'\n\nif __name__ == '__main__':\n    app.run(debug=True)\n```\n\nThis basic setup will apply default WAF protection to your Flask application.\n\n## Configuration\n\nFlask-WAF can be configured using a JSON file or by passing a dictionary to the WAF constructor. 
Here's an example configuration:\n\n```python\nwaf_config = {\n    \"max_request_size\": 1048576,  # 1MB\n    \"allowed_content_types\": [\n        \"application/x-www-form-urlencoded\",\n        \"application/json\",\n        \"multipart/form-data\"\n    ],\n    \"max_url_length\": 2083,\n    \"max_query_params\": 100,\n    \"max_headers\": 100,\n    \"required_headers\": [\"Host\", \"User-Agent\"],\n    \"rate_limit\": 100,  # requests per minute\n    \"session_protection\": True,\n    \"content_security_policy\": {\n        \"default-src\": [\"'self'\"],\n        \"script-src\": [\"'self'\", \"'unsafe-inline'\"],\n        \"style-src\": [\"'self'\", \"'unsafe-inline'\"],\n    },\n    \"anomaly_detection\": {\n        \"request_threshold\": 10,\n        \"time_window\": 60\n    }\n}\n\nwaf = WAF(app, config=waf_config)\n```\n\nYou can also load the configuration from a JSON file:\n\n```python\nwaf = WAF(app, config_file='waf_config.json')\n```\n\n## Advanced Usage\n\n### Custom Rules\n\nYou can add custom rules to the WAF's rule engine:\n\n```python\nfrom flask_waf import WAF, Rule\n\nwaf = WAF(app)\n\ncustom_rule = Rule(\n    name='Custom SQL Injection Check',\n    pattern=r'UNION\\s+SELECT',\n    locations=['params', 'form', 'json'],\n    severity='high',\n    description='Detected potential SQL injection attempt'\n)\n\nwaf.rule_engine.add_rule(custom_rule)\n```\n\n### Threat Intelligence Integration\n\nYou can update the threat intelligence module with custom malicious patterns:\n\n```python\nwaf.threat_intel.add_malicious_pattern(r'malware\\.com')\nwaf.threat_intel.add_malicious_ip_range('192.0.2.0', '192.0.2.255')\n```\n\n### Logging\n\nFlask-WAF provides comprehensive logging. 
You can customize the log file location:\n\n```python\nwaf.logger.set_log_file('/path/to/waf.log')\n```\n\n## API Reference\n\n### WAF Class\n\nThe main class for initializing the Web Application Firewall.\n\n```python\nclass WAF:\n    def __init__(self, app=None, config=None, config_file=None):\n        ...\n\n    def init_app(self, app):\n        ...\n\n    def check_request(self):\n        ...\n\n    def add_security_headers(self, response):\n        ...\n```\n\n### Rule Class\n\nUsed for defining custom security rules.\n\n```python\nclass Rule:\n    def __init__(self, name, pattern, locations, severity='medium', description=''):\n        ...\n\n    def check(self, data):\n        ...\n```\n\n### RuleEngine Class\n\nManages and applies security rules.\n\n```python\nclass RuleEngine:\n    def add_rule(self, rule):\n        ...\n\n    def remove_rule(self, rule_name):\n        ...\n\n    def check_request(self, request):\n        ...\n```\n\nFor a complete API reference, please refer to the [API documentation](https://flask-waf.readthedocs.io/en/latest/api.html).\n\n## Contributing\n\nWe welcome contributions! Please see our [contributing guide](CONTRIBUTING.md) for more details.\n\n## License\n\nFlask-WAF is released under the MIT License. See the [LICENSE](LICENSE) file for more details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fishanoshada%2Fflask-waf","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fishanoshada%2Fflask-waf","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fishanoshada%2Fflask-waf/lists"}