https://github.com/sa7mon/tinywaf
A simple WAF for Caddy Server
https://github.com/sa7mon/tinywaf
Last synced: 11 months ago
JSON representation
A simple WAF for Caddy Server
- Host: GitHub
- URL: https://github.com/sa7mon/tinywaf
- Owner: sa7mon
- Created: 2024-02-03T06:02:41.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-02-16T03:31:14.000Z (over 2 years ago)
- Last Synced: 2025-07-29T01:39:04.128Z (11 months ago)
- Language: Go
- Size: 11.7 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# tinywaf
A simple (naive) web application firewall for [Caddy](https://caddyserver.com) to ban IPs based on requested URI patterns.
* **tested?** a little
* **secure?** nahh
* **memory leak**? big time
* **simple?** oh yeah
## Usage
Refer to `Caddyfile` for example config
```
tinywaf {
bad_uris {
^/wp-admin/.+$
^/login.php
.*/wp-(includes|admin|content)/.*
}
ban_minutes 120
}
```
IP addresses making requests to `bad_uris` will be banned for `ban_minutes` and will receive a `403 Forbidden`. Module is designed to be used with Cloudflare and will assume the `Cf-Connecting-Ip` header is present - change `ServeHTTP` logic if you don't want this.