<div align="center"> <img src="https://github.com/dayeya/FinalWall/blob/main/web/frontend/src/assets/fwlogo.svg" width="30%" height="30%"/><br> <h1>FinalWall - An open-source web application firewall engine</h1> </div> Finalwall is an open-source WAF engine that is reliable, robust, and easy to use. The engine provides significant models that make threat mitigation and network analysis easy.

Installation

Development

FinalWall is developed using Python 3.12 so previous versions are not supported. However, I suggest supporting 3.10+. Below are the milestones of the project:

• [ ] Cross-Platform
• [X] Deploy FinalWall as a reverse proxy
• [X] Security and access log system
• [X] Client source control
• [X] Client profiling
• [X] ACL
• [X] Signature-based attack detection
• [X] Sqli
• [X] Unauthorized Access
• [X] Xss
• [X] Bruteforce
• [X] Rate limiting
• [X] UI
• [ ] File Inclusion
• [ ] Simulations directory

Future milestones include:

• [ ] CSRF
• [ ] Bot detection
• [ ] Directory traversal
• [ ] Whitelisting

Models and structure

The core engine of FinalWall is built from several models each of which takes on a variety of roles that ultimately make the system itself. Below are some of them: Transactions, Events, Logs, Checks, Classifiers, Streams, SearchContexts, ProfileManager, and BanManager are all a part of the core engine FinalWall is built on.

Contributions

As for the final release, FinalWall was built only by Dayeya as opposed to the contributors list.<br> For upcoming releases and contributions feel free to help with any area you are comfortable with: features, bug fixes, reports, documentation, and so on.

How to do it?

Having an idea for the project? Found a performance error? Or just want to chat? Open an issue!<br> Want to write your features or solutions to open issues? Open a PR and I will look into it.<br> Additionally, I would love to chat with anyone interested in the project so feel free to contact me on any platform you like.