Awesome Open Source
Awesome Open Source
          ___          ___    _________
       ___\  \        /   \  |   _____/
     (   __\  \  /\  /  _  \ |  |___
      \  \  \  \/  \/  / \  \|   __/   >>>  A simple Web Application Firewall docker image.
    ___)  \  \   /\   /---\  \  |
    \_____/   \_/  \_/     \____|

sWAF is a simple Web Application Firewall docker image, pre-configured to be easily used within your web services architecture.

It runs NGINX as a dedicated reverse proxy embedding powerful WAF engines: ModSecurity 3, using OWASP® ModSecurity Core Rule Set (CRS) rules, and NAXSI. It uses for Let's Encrypt and others free CA support.

Docker Image Version Docker Image Size GitHub Release Travis CI Build Status License


Why sWAF

A lot of people are self-hosting their own cloud infrastructure (using Nextcloud, Synology, QNAP, a cloud lease server or home-made solutions...), but we can never be too much paranoid about web security for a lot of good reasons. Too much time security is left on background, or only by using some basics - but not sufficient - options, and applications are front-faced to the big bad Internet.

That's why sWAF is here to offer a simple WAF docker image acting as an infrastructure security asset ready to be deployed wherever into your network infrastructure:

[Client] --hxxp(s)://> [sWAF > rProxy+Security] --hxxp://a.b.c.d:6666--> [webservice1]

Main Features

  • NGINX with:
    • LibreSSL & TLS 1.3 support.
    • ModSecurity 3 & OWASP® ModSecurity Core Rule Set.
    • NAXSI. (Roadmap v0.2.0)
  • for Let's Encrypt and others free CA support. (Roadmap v0.2.0)


Getting Started

  1. Get sWAF docker image:

    docker pull swafproject/swaf
  2. Start a sWAF container:

    docker run -d --name swaf --restart always --net host swafproject/swaf
  3. Test it:

    TODO Testing GIF

  4. Check out [Wiki] documentation for all details about usage.

Releases Lifecycle

Build details on [Wiki/Build-Details]



  • master branch is continuously built in [swafproject/swaf-dev] repository on Docker Hub.

  • Last development status (based on master HEAD):

    Docker Image Version Docker Image Size

  • DO NOT use development image for your production, the only purpose of this image is for development!


Change details are listed into [].


Feel free to submit enhancement proposal via [Pull Requets]!

Please check [Contributing] by Marc Diethelm for more details about how to do.


A project initiated by @styx0x6.


sWAF - A simple Web Application Firewall docker image.

Copyright © 2020 @styx0x6

This file is part of sWAF. This software is licensed under the European Union Public License 1.2 (EUPL-1.2), published in Official Journal of the European Union (OJ) of 19 May 2017 and available in 23 official languages of the European Union.

The English version is included with this software. Please see the following page for all the official versions of the EUPL-1.2:

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
Shell (232,274
Docker (33,819
Dockerfile (28,197
Nginx (5,193
Docker Image (4,806
Firewall (622
Owasp (320
Nginx Proxy (293
Protection (230
Waf (211
Related Projects