Skip to content
/ caswaf Public

HTTP & OAuth Gateway and Web Application Firewall (WAF) based on ModSecurity, online demo: https://door.caswaf.com

License

Notifications You must be signed in to change notification settings

casbin/caswaf

Folders and files

NameName
Last commit message
Last commit date

Latest commit

9ea2299 · Mar 4, 2025
Sep 17, 2024
Oct 14, 2023
Oct 4, 2023
Jun 3, 2024
Sep 27, 2024
May 29, 2024
Sep 27, 2024
Oct 4, 2023
Sep 27, 2024
Sep 23, 2024
Feb 28, 2025
Sep 23, 2024
Sep 26, 2024
Oct 22, 2023
Aug 13, 2024
Mar 4, 2025
Aug 3, 2023
Jun 23, 2023
Aug 5, 2023
Sep 17, 2024
Jun 23, 2023
Sep 17, 2024
Aug 3, 2023
Sep 26, 2024
Sep 26, 2024
Sep 15, 2024

Repository files navigation

📦⚡️ CasWAF

An open-source Web Application Firewall (WAF) software developed by Go and React.

semantic-release docker pull casbin/caswaf GitHub Release Docker Image Version (latest semver)

Go Report Card license GitHub issues GitHub stars GitHub forks

Online demo

Documentation

https://caswaf.org

Architecture

CasWAF contains 2 parts:

Name Description Language Source code
Frontend Web frontend UI for CasWAF Javascript + React https://github.com/casbin/caswaf/tree/master/web
Backend RESTful API backend for CAsWAF Golang + Beego + MySQL https://github.com/casbin/caswaf

Installation

CasWAF uses Casdoor to manage members. So you need to create an organization and an application for CasWAF in a Casdoor instance.

Necessary configuration

Get the code

go get github.com/casdoor/casdoor
go get github.com/casbin/caswaf

or

git clone https://github.com/casdoor/casdoor
git clone https://github.com/casbin/caswaf

Setup database

CasWAF will store its users, nodes and topics information in a MySQL database named: caswaf, will create it if not existed. The DB connection string can be specified at: https://github.com/casbin/caswaf/blob/master/conf/app.conf

dataSourceName = root:123@tcp(localhost:3306)/

CasWAF uses XORM to connect to DB, so all DBs supported by XORM can also be used.

Configure Casdoor

After creating an organization and an application for CasWAF in a Casdoor, you need to update clientID, clientSecret, casdoorOrganization and casdoorApplication in app.conf.

Run CasWAF

  • Configure and run CasWAF by yourself. If you want to learn more about caswaf.
  • Open browser: http://localhost:16001/

Optional configuration

Setup your WAF to enable some third-party login platform

CasWAF uses Casdoor to manage members. If you want to log in with oauth, you should see casdoor oauth configuration.

OSS, Mail, and SMS services

CasWAF uses Casdoor to upload files to cloud storage, send Emails and send SMSs. See Casdoor for more details.

Contribute

For CasWAF, if you have any questions, you can open Issues, or you can also directly start Pull Requests(but we recommend opening issues first to communicate with the community).

License

Apache-2.0