{"id":24956129,"url":"https://github.com/samwafgo/SamWaf","last_synced_at":"2025-10-18T04:30:33.407Z","repository":{"id":219231182,"uuid":"737285725","full_name":"samwafgo/SamWaf","owner":"samwafgo","description":"SamWaf开源轻量级网站防火墙，完全私有化部署 SamWaf is a lightweight, open-source web application firewall for small companies, studios, and personal websites. It supports fully private deployment, encrypts data stored locally, is easy to start, and supports Linux and Windows 64-bit.","archived":false,"fork":false,"pushed_at":"2025-10-15T07:21:56.000Z","size":41300,"stargazers_count":1174,"open_issues_count":97,"forks_count":127,"subscribers_count":10,"default_branch":"main","last_synced_at":"2025-10-15T20:55:17.891Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://doc.samwaf.com","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/samwafgo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2023-12-30T13:32:32.000Z","updated_at":"2025-10-15T07:22:41.000Z","dependencies_parsed_at":"2024-05-11T07:30:35.103Z","dependency_job_id":"5c3a4d68-e23f-4cc1-a53a-7538190cd7e2","html_url":"https://github.com/samwafgo/SamWaf","commit_stats":null,"previous_names":["samwafgo/samwaf"],"tags_count":231,"template":false,"template_full_name":null,"purl":"pkg:github/samwafgo/SamWaf","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samwafgo%2FSamWaf","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samwafgo%2FSamWaf/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samwafgo%2FSamWaf/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samwafgo%2FSamWaf/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/samwafgo","download_url":"https://codeload.github.com/samwafgo/SamWaf/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samwafgo%2FSamWaf/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279353416,"owners_count":26154076,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-17T02:00:07.504Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-02-03T06:02:38.217Z","updated_at":"2025-10-18T04:30:33.395Z","avatar_url":"https://github.com/samwafgo.png","language":"Go","funding_links":[],"categories":["Go","防火墙"],"sub_categories":[],"readme":"English | [简体中文](README_ch.md) \n\n\n\u003cdiv align=\"center\"\u003e\n \u003cimg alt=\"SamWaf\" width=\"100\" src=\"./docs/images/logo.png\"\u003e \n\nA lightweight open-source web application firewall\n\n[![Release](https://img.shields.io/github/release/samwafgo/SamWaf.svg)](https://github.com/samwafgo/SamWaf/releases)\n[![Last commit](https://img.shields.io/github/last-commit/samwafgo/SamWaf?style=flat-square\u0026color=blue\u0026logo=github)](https://github.com/samwafgo/SamWaf/releases)\n[![Docker Pulls](https://img.shields.io/docker/pulls/samwaf/samwaf?style=flat-square\u0026color=blue\u0026label=Docker+Image+Pulls)](https://hub.docker.com/r/samwaf/samwaf)\n[![Release Downloads](https://img.shields.io/github/downloads/samwafgo/samwaf/total?style=flat-square\u0026color=blue\u0026label=Release+Downloads)](https://github.com/samwafgo/SamWaf/releases)\n[![Gitee](https://img.shields.io/badge/Gitee-blue?style=flat-square\u0026logo=Gitee)](https://gitee.com/samwaf/SamWaf)\n[![GitHub stars](https://img.shields.io/github/stars/samwafgo/SamWaf?style=flat-square\u0026logo=Github)](https://github.com/samwafgo/SamWaf)\n[![Gitee star](https://gitee.com/samwaf/SamWaf/badge/star.svg?theme=gray)](https://gitee.com/samwaf/SamWaf)\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue?style=flat-square)](LICENSE)\n\u003c/div\u003e\n\n  \n## Development Motivation:\n- **Lightweight**: Initially, I used some security products  based on nginx, apache, and iis plugins for protection, but the plugin form had a high coupling degree.\n- **Privatization**: Later, most cloud protection services were adopted, but private deployment is affordable only for medium and large enterprises, while small companies and studios find it costly.\n- **Privacy Encryption**: During web protection, it is preferable to process local data without sending it to the cloud. The goal was to create a tool that encrypts local information and network communications for the management end.\n- **DIY**: Over the years of website maintenance and development, there were specific functions I wanted to add but couldn't achieve.\n- **Awareness**: If the webmaster has never used a similar WAF, it is inconvenient to understand who is accessing the site and what requests are being made solely from logs or nginx, apache, IIS, etc.\n\nIn short, the goal was to create an effective tool for website or API protection to handle abnormal situations and ensure the normal operation of websites and applications.\n\n# Software Introduction\nSamWaf is a lightweight, open-source web application firewall for small companies, studios, and personal websites. It supports fully private deployment, encrypts data stored locally, is easy to start, and supports Linux 、 Windows 64-bit and Arm64.\n\n## Architecture\n\n![SamWaf Architecture](/docs/images_en/tecDesign.png)\n\n## Interface\n![SamWaf Web Application Firewall Overview](/docs/images_en/overview.png)\n\n\u003ctable\u003e\n    \u003ctr\u003e\n        \u003ctd align=\"center\"\u003eAdd Host\u003c/td\u003e\n        \u003ctd align=\"center\"\u003eAttack Log\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n        \u003ctd\u003e\u003cimg src=\"./docs/images_en/add_host.png\" alt=\"Add Host\"/\u003e\u003c/td\u003e\n        \u003ctd\u003e\u003cimg src=\"./docs/images_en/attacklog.png\" alt=\"Attack Log\"/\u003e\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n        \u003ctd align=\"center\"\u003eCC\u003c/td\u003e\n        \u003ctd align=\"center\"\u003eIP Blocklist\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n        \u003ctd\u003e\u003cimg src=\"./docs/images_en/cc.png\" alt=\"CC\"/\u003e\u003c/td\u003e\n        \u003ctd\u003e\u003cimg src=\"./docs/images_en/ipblock.png\" alt=\"IP Blocklist\"/\u003e\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n        \u003ctd align=\"center\"\u003eIP Allowlist\u003c/td\u003e\n        \u003ctd align=\"center\"\u003eLDP\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n        \u003ctd\u003e\u003cimg src=\"./docs/images_en/ipallow.png\" alt=\"IP Allowlist\"/\u003e\u003c/td\u003e\n        \u003ctd\u003e\u003cimg src=\"./docs/images_en/ldp.png\" alt=\"LDP\"/\u003e\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n        \u003ctd align=\"center\"\u003eAdd Rule Script Log\u003c/td\u003e\n        \u003ctd align=\"center\"\u003eSelect Log\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n        \u003ctd\u003e\u003cimg src=\"./docs/images_en/log_add_rule_script.png\" alt=\"Add Rule Script Log\"/\u003e\u003c/td\u003e\n        \u003ctd\u003e\u003cimg src=\"./docs/images_en/log_select.png\" alt=\"Select Log\"/\u003e\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n        \u003ctd align=\"center\"\u003eLog Details\u003c/td\u003e\n        \u003ctd align=\"center\"\u003eManual Rule\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n        \u003ctd\u003e\u003cimg src=\"./docs/images_en/logdetail.png\" alt=\"Log Details\"/\u003e\u003c/td\u003e\n        \u003ctd\u003e\u003cimg src=\"./docs/images_en/manual_rule.png\" alt=\"Manual Rule\"/\u003e\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n        \u003ctd align=\"center\"\u003eURL Blocklist\u003c/td\u003e\n        \u003ctd align=\"center\"\u003eURL Allowlist\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n        \u003ctd\u003e\u003cimg src=\"./docs/images_en/urlblock.png\" alt=\"URL Blocklist\"/\u003e\u003c/td\u003e\n        \u003ctd\u003e\u003cimg src=\"./docs/images_en/urlallow.png\" alt=\"URL Allowlist\"/\u003e\u003c/td\u003e\n    \u003c/tr\u003e\n\u003c/table\u003e\n\n## Main Features:\n- Completely open-source code\n- Supports private deployment\n- Lightweight, no dependency on third-party services\n- Fully independent engine, protection functions do not rely on IIS, Nginx\n- Customizable protection rules, supporting both script and GUI editing\n- Supports allowlist access\n- Supports IP blocklist\n- Supports URL allowlist\n- Supports URL access restrictions\n- Supports designated data privacy output\n- Supports CC frequency access\n- Supports global one-click configuration\n- Supports separate protection strategies for different websites\n- Encrypted log storage\n- Encrypted communication logs\n- Data obfuscation\n- Supports global one-click configuration\n- Supports OWASP CRS\n- Automatic SSL certificate application and renewal\n- Bulk SSL certificate expiration check\n- IPv6 support\n- Customizable blocking page\n\n# Usage Instructions\n**It is strongly recommended to conduct thorough testing in a test environment before deploying to production. If any issues arise, please provide feedback promptly.**\n## Download the Latest Version\nGitee:  [https://gitee.com/samwaf/SamWaf/releases](https://gitee.com/samwaf/SamWaf/releases)\n\nGitHub: [https://github.com/samwafgo/SamWaf/releases](https://github.com/samwafgo/SamWaf/releases)\n\n## Quick Start\n\n### Windows\n- Start directly\n```\nSamWaf64.exe\n```\n- As a service As Administration\n```\n//Install \u0026 Start\nSamWaf64.exe install \u0026\u0026 SamWaf64.exe start\n\n//Stop \u0026  Uninstall \nSamWaf64.exe stop \u0026\u0026 SamWaf64.exe uninstall\n``` \n\n### Linux\n- install\n```\ncurl -sSO http://update.samwaf.com/latest/install_samwaf.sh \u0026\u0026 bash install_samwaf.sh install \n``` \n\n- uninstall\n```\ncurl -sSO http://update.samwaf.com/latest/install_samwaf.sh \u0026\u0026 bash install_samwaf.sh uninstall \n```\n\n### Docker\n```\ndocker run -d --name=samwaf-instance \\\n           -p 26666:26666 \\\n           -p 80:80 \\\n           -p 443:443 \\\n           -v /path/to/your/conf:/app/conf \\\n           -v /path/to/your/data:/app/data \\\n           -v /path/to/your/logs:/app/logs \\\n           -v /path/to/your/ssl:/app/ssl \\\n           samwaf/samwaf\n\n\n```\nMore Detail Docker https://hub.docker.com/r/samwaf/samwaf\n\nTags:\n- **latest**: The latest stable release (recommended for production use).\n- **beta**: The latest testing version (allows testing of new features or specific bug fixes).\n\n## Start Access\n\nhttp://127.0.0.1:26666\n\nDefault account: admin  Default password: admin868 (Please change the default password upon first login)\n\n\n## Upgrade Guide\n\n**Note: The upgrade process will terminate the service, please upgrade during off-peak hours.**\n\n### Automatic Upgrade\nIf a new version is available, an upgrade prompt will pop up for confirmation, allowing you to initiate the upgrade. The page will automatically refresh after the upgrade is complete.\n\n### Manual Upgrade\n- For direct launch:\n    1. Close the application.\n    2. Download the latest program and replace the existing files, then manually start it again.\n\n- For service mode:\n```\n1. First, pause the service.\n\n  Windows: SamWaf64.exe stop\n  Linux: ./SamWafLinux64 stop\n  \n2. Replace with the latest application files.\n\n3. Start the service:\nWindows: SamWaf64.exe start\nLinux: ./SamWafLinux64 start\n```\n\n**Note**: Upgrading the Windows service may trigger security rules from 360 or Huorong, preventing the new files from being replaced normally. In this case, you can manually replace the files. Those familiar with this area can help determine the correct handling method.\n\n## Online Documentation\n\n[Online Documentation](https://doc.samwaf.com/)\n\n# Code Information\n## Code Repository\n- Gitee\n[https://gitee.com/samwaf/SamWaf](https://gitee.com/samwaf/SamWaf)\n- GitHub\n[https://github.com/samwafgo/SamWaf](https://github.com/samwafgo/SamWaf)\n\n## Introduction and Compilation\nHow to Compile\n[Compilation Instructions](./docs/compile.md)\n\nCompile Online Manual：\n[https://doc.samwaf.com/en/dev/](https://doc.samwaf.com/en/dev/)\n\n## Tested and Supported Platforms\n[Tested and Supported Platforms](./docs/Tested_supported_systems.md)\n\n## Other Info \n\n- [Update IP Database](./docs/ipmodify.md)\n\n## Testing Results\n[Testing Results](./test/attackTest.md)\n\n# Security Policy\n[Security Policy](./SECURITY.md)\n\n# Feedback\nSamWaf is continuously iterating. We welcome feedback and suggestions.\n\n- [Gitee Issues](https://gitee.com/samwaf/SamWaf/issues)\n- [GitHub Issues](https://github.com/samwafgo/SamWaf/issues)\n- Email feedback: samwafgo@gmail.com\n\n# WeChat Public Account\n\n\u003cimg alt=\"SamWaf\" width=\"400px\"  src=\"./docs/images/mp_samwaf.png\"\u003e \n\n## Star history\n\n[![Star History Chart](https://api.star-history.com/svg?repos=samwafgo/samwaf\u0026type=Date)](https://star-history.com/#samwafgo/samwaf\u0026Date)\n\n\n#  License\nSamWaf is licensed under the Apache License 2.0. Refer to [LICENSE](./LICENSE) for more details.\n\nFor third-party software usage notice, see [ThirdLicense](./ThirdLicense)\n\n# Contribution\n Thanks for the following contributors!\n\n\u003ca href=\"https://github.com/samwafgo/SamWaf/graphs/contributors\"\u003e\n  \u003cimg src=\"https://contrib.rocks/image?repo=samwafgo/SamWaf\" /\u003e\n\u003c/a\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsamwafgo%2FSamWaf","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsamwafgo%2FSamWaf","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsamwafgo%2FSamWaf/lists"}