Quickstart

Get the open core running in front of a backend in about two minutes. You need only Rust and cargo.

Install

Install the waf binary straight from crates.io:

$ cargo install waf-proxy

Or build from source:

$ git clone https://github.com/0x00spor3/Light-WAF
$ cd Light-WAF && cargo build --release

Configure

Create a config.toml with a listener and your backend. This is the smallest useful config:

# config.toml
[proxy]
listen  = "0.0.0.0:8080"
backend = "http://127.0.0.1:3000"

[waf]
mode = "blocking"        # "blocking" enforces, "detection" only observes
block_threshold = 5      # deny when the anomaly score reaches this

See the full configuration reference for every section.

Run

$ waf --config config.toml
# or, from a source checkout:
$ cargo run -p waf-proxy -- --config config.toml

The WAF listens on :8080 and forwards allowed requests to your backend.

Verify

A benign request is forwarded; an obvious attack is blocked with a 403:

$ curl -o /dev/null -w "%{http_code}\n" localhost:8080/
200
$ curl -o /dev/null -w "%{http_code}\n" "localhost:8080/?q=1' OR '1'='1"
403