You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
A robust, highly customizable, and feature-rich **Web Application Firewall (WAF)** middleware for the Caddy web server. This middleware provides **advanced protection** against a comprehensive range of web-based threats, seamlessly integrating with Caddy and offering flexible configuration options to secure your applications effectively.
[](https://github.com/fabriziosalmi/caddy-waf/actions/workflows/go.yml)[](https://github.com/fabriziosalmi/caddy-waf/actions/workflows/github-code-scanning/codeql)[](https://github.com/fabriziosalmi/caddy-waf/actions/workflows/build-run-validate.yml)
## 🛡️ Core Protections
***Regex-Based Filtering:** Deep URL, data & header inspection using powerful regex rules.
***Blacklisting:** Blocks malicious IPs, domains & optionally TOR exit nodes.
***Geo-Blocking:** Restricts access by country using GeoIP.
***Rate Limiting:** Prevents abuse via customizable IP request limits.
***Anomaly Scoring:** Dynamically blocks requests based on cumulative rule matches.
***Multi-Phase Inspection:** Analyzes traffic throughout the request lifecycle.
***Sensitive Data Redaction:** Removes private info from logs.
***Custom Response Handling:** Tailored responses for blocked requests.
***Detailed Monitoring:** JSON endpoint for performance tracking & analysis.
***Dynamic Config Reloads:** Seamless updates without restarts.
***File Watchers:** Automatic reloads on rule/blacklist changes.
