Skip to content
/ caswaf Public

HTTP & OAuth Gateway and Web Application Firewall (WAF) based on ModSecurity, online demo: https://door.caswaf.com

License

Notifications You must be signed in to change notification settings

casbin/caswaf

Repository files navigation

📦⚡️ CasWAF

An open-source Web Application Firewall (WAF) software developed by Go and React.

semantic-release docker pull casbin/caswaf GitHub Release Docker Image Version (latest semver)

Go Report Card license GitHub issues GitHub stars GitHub forks

Online demo

Documentation

https://caswaf.org

Architecture

CasWAF contains 2 parts:

Name Description Language Source code
Frontend Web frontend UI for CasWAF Javascript + React https://github.com/casbin/caswaf/tree/master/web
Backend RESTful API backend for CAsWAF Golang + Beego + MySQL https://github.com/casbin/caswaf

Installation

CasWAF uses Casdoor to manage members. So you need to create an organization and an application for CasWAF in a Casdoor instance.

Necessary configuration

Get the code

go get github.com/casdoor/casdoor
go get github.com/casbin/caswaf

or

git clone https://github.com/casdoor/casdoor
git clone https://github.com/casbin/caswaf

Setup database

CasWAF will store its users, nodes and topics information in a MySQL database named: caswaf, will create it if not existed. The DB connection string can be specified at: https://github.com/casbin/caswaf/blob/master/conf/app.conf

dataSourceName = root:123@tcp(localhost:3306)/

CasWAF uses XORM to connect to DB, so all DBs supported by XORM can also be used.

Configure Casdoor

After creating an organization and an application for CasWAF in a Casdoor, you need to update clientID, clientSecret, casdoorOrganization and casdoorApplication in app.conf.

Run CasWAF

  • Configure and run CasWAF by yourself. If you want to learn more about caswaf.
  • Open browser: http://localhost:16001/

Optional configuration

Setup your WAF to enable some third-party login platform

CasWAF uses Casdoor to manage members. If you want to log in with oauth, you should see casdoor oauth configuration.

OSS, Mail, and SMS services

CasWAF uses Casdoor to upload files to cloud storage, send Emails and send SMSs. See Casdoor for more details.

Contribute

For CasWAF, if you have any questions, you can open Issues, or you can also directly start Pull Requests(but we recommend opening issues first to communicate with the community).

License

Apache-2.0