{"id":23243365,"url":"https://github.com/taqsblaze/reqweb","last_synced_at":"2025-08-20T03:32:27.879Z","repository":{"id":267765494,"uuid":"902221958","full_name":"TaqsBlaze/ReqWeb","owner":"TaqsBlaze","description":"ReqWeb is a lightweight and customizable Web Application Firewall (WAF) for Node based applications It provides IP-based filtering, request rate limiting, and logging, helping to protect your web applications from malicious traffic and unauthorized access.","archived":false,"fork":false,"pushed_at":"2024-12-12T23:44:43.000Z","size":3640,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-12-13T00:20:27.832Z","etag":null,"topics":["firewall","firewall-rules","javascript","node","nodejs","react","secureaccess","security","waf","web"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/TaqsBlaze.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-12-12T06:33:51.000Z","updated_at":"2024-12-12T23:44:47.000Z","dependencies_parsed_at":"2024-12-13T00:20:29.637Z","dependency_job_id":null,"html_url":"https://github.com/TaqsBlaze/ReqWeb","commit_stats":null,"previous_names":["taqsblaze/netweb","taqsblaze/reqweb"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TaqsBlaze%2FReqWeb","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TaqsBlaze%2FReqWeb/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TaqsBlaze%2FReqWeb/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TaqsBlaze%2FReqWeb/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/TaqsBlaze","download_url":"https://codeload.github.com/TaqsBlaze/ReqWeb/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":230388127,"owners_count":18217759,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["firewall","firewall-rules","javascript","node","nodejs","react","secureaccess","security","waf","web"],"created_at":"2024-12-19T06:16:41.244Z","updated_at":"2024-12-19T06:16:41.810Z","avatar_url":"https://github.com/TaqsBlaze.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"![ReqWeb Logo](https://raw.githubusercontent.com/TaqsBlaze/ReqWeb/refs/heads/main/src/logo/logo.webp)\n---\n\n# **ReqWeb - Web Application Firewall (WAF)**\n\n**ReqWeb** is a lightweight and customizable **Web Application Firewall (WAF)** for Node.js. It provides IP-based filtering, request rate limiting, and logging, helping to protect your web applications from malicious traffic and unauthorized access.\n\n## **Features**\n- **IP Filtering**: Block or allow specific IPs or CIDR ranges.\n- **Rate Limiting**: Control the frequency of requests to prevent abuse.\n- **Request Blocking**: Define custom rules to block unwanted requests.\n- **Logging**: Detailed request logging to monitor security events.\n- **Easy Integration**: Drop-in middleware for Express.js or any Node.js application.\n\n## **Installation**\n\nTo install **ReqWeb**, simply run the following command:\n\n```bash\nnpm install reqweb\n```\n\n## **Usage**\n\n### Basic Setup with Express.js\n\n1. **Import the package**:\n   First, require **ReqWeb** in your application:\n\n   ```javascript\n   \n    const express = require('express');\n    const reqweb = require('reqweb');\n    const apiRoutes = require('./web/public/routes/api');\n    const ipFilter = require('reqweb/src/middlewares/ipFilter');\n    const ruleEngine = require('reqweb/src/middlewares/ruleEngine');\n    const logger = require('reqweb/src/middlewares/logger');\n\n   ```\n\n2. **Load Configuration**:\n   **ReqWeb** allows you to customize your configuration by loading a `userConfig.json` file. Here’s an example of how to load it:\n\n   ```javascript\n   /*user defined rules and configs currently not implementet and\n   working on an interface for easy config*/\n   const config = configLoader('reqweb/src/config/usertConfig.json'); \n   ```\n   **Using default config**\n   ```javascript\n   const config = configLoader('reqweb/src/config/defaultConfig.json');\n   ```\n   \n3. **Apply the Middlewares**:\n   Add the IP filtering middleware to your Express app:\n\n   ```javascript\n   const app = express();\n\n   // Apply WAF middlewares\n   app.use(logger(config));        // Logging middleware\n   app.use(ipFilter(config));     // IP filtering middleware\n   app.use(rateLimiter(config));  // Rate limiting middleware\n   app.use(ruleEngine(config));   // Rule-based request blocking\n\n   //adding WAF web interface\n   app.use('/reqweb/api', apiRoutes);\n\n   app.get('/', (req, res) =\u003e {\n       res.send('Welcome to Homelab!');\n   });\n\n   //running your app with WAF web interface enabled\n   reqweb.startInterface(app, 3000);\n   ```\n## Accessing ReqWeb web interface\nwith the above setup you will have access to your waf web configuration interface at the following address:\n`http://localhost:3000/reqweb/api/web`\n\n### Configuration Example\n\nIn the `userConfig.json` file, you can define the list of blocked and allowed IPs:\n\n```json\n{\n  \"blockedIPs\": [\"192.168.1.100\", \"203.0.113.0/24\"],\n  \"allowedIPs\": [\"127.0.0.1\", \"::1\"]\n}\n```\n\n### Customizing the Middleware\n\nYou can modify or extend the behavior of **ReqWeb** by tweaking the `ipFilter.js` middleware or adding your own custom rules.\n\n---\n\n## **Configuration Options**\n\n- **blockedIPs**: Array of IP addresses or CIDR ranges to block (e.g., `[\"192.168.1.100\", \"203.0.113.0/24\"]`).\n- **allowedIPs**: (Optional) Array of IP addresses or CIDR ranges that are allowed even if the `blockedIPs` list would block them (e.g., `[\"127.0.0.1\", \"::1\"]`).\n\n## **Advanced Features**\n\n- **Rate Limiting**: Set up rate limiting to avoid abusive requests.\n- **Logging**: Enable logging using **winston** for better monitoring of requests and events.\n  \n### Example of rate-limiting setup:\n\nYou can extend **ReqWeb** to add rate-limiting by combining it with other libraries like **express-rate-limit**.\n\n---\n\n## **Development \u0026 Testing**\n\n### Run Tests\nTo run tests, use **Mocha** and **Chai** for testing:\n\n```bash\nnpm test\n```\n\n### Build the Package\nIf you're using TypeScript or want to transpile code, you can build the project like this:\n\n```bash\nnpm run build\n```\n\n---\n\n## **Contributing**\n\nContributions are welcome! If you have suggestions, bug fixes, or improvements, feel free to submit a pull request.\n\n1. Fork the repository.\n2. Create your feature branch (`git checkout -b feature-name`).\n3. Commit your changes (`git commit -am 'Add new feature'`).\n4. Push to the branch (`git push origin feature-name`).\n5. Create a new pull request.\n\n---\n\n## **License**\n\nThis project is licensed under the Apache License 2.0 License - see the [LICENSE](LICENSE) file for details.\n\n---\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftaqsblaze%2Freqweb","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftaqsblaze%2Freqweb","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftaqsblaze%2Freqweb/lists"}