xwaf (silk clothing and shield) is a based on openresty (nginx + lua) to develop next-generation web application firewall, the original business logic protection engine and machine learning engine can effectively protect business security risks, solve the traditional WAF security services can not be protection pain points.
jxwaf
DjangoPython3
jxwaf (silk clothing and shield) is a based on openresty (nginx + lua) to develop next-generation web application firewall, the original business logic protection engine and machine learning engine can effectively protect business security risks, the business can not solve the traditional WAF conduct security protection pain points. Semantic analysis engine with built-in machine learning engine to avoid the traditional WAF rules overlay too much result in slowdowns problems, while enhancing the accuracy of detection (low false positives, low false negative).
Feature function
base attack protection
SQL injection attacks,
XSS attacks
directory traversal vulnerability
command injection attacks
WebShell upload protection
scanner attacks ...
machine learning
support vector machine (SVM)
semantic analysis
of SQL injection semantic analysis
XSS attack semantic analysis
business logic vulnerability protection
registration protection
landed protection
anti activity brush
SMS bombs Protection
ultra vires Vulnerability Protection
SMS verification code to bypass the protection, check ...
Senior CC attack protection
available for different URL, request different parameter settings individually different variables protection
CAPTCHA
Cookie security
front-end parameter encryption protection
to support AES encryption and decryption
support DES plus decryption
support for RSA encryption and decryption
transparent deployment of dynamic password function
provides dynamic password (OTP) to back office systems and website features a user
detection caching feature
on WAF has been detected MD5 request caching to improve the detection efficiency
to support protocol
HTTP / HTTPS
performance & reliability
millisecond response time of less than one millisecond request processing
master-Slave deployment, single point of failure
cluster-reverse proxy mode deployment, large data traffic process can
support embedded deployment, without changing the original network topology
to support cloud pattern deployment
management function
Basic Configuration
Rules Configuration
reports show
alarm configuration
Architecture architecture
jxwaf (Jinyi shield) by the jxwaf and jxwaf management centers:
jxwaf: Based openresty (nginx + lua) Development
jxwaf Management Center: HTTP: //www.jxwaf.com
Environment Environmental
jxwaf
Centos . 7
Openresty 32 1.11.2.4
the install installation
to download the code to / tmp directory, file operation jxwaf_install.sh, jxwaf installed in the / opt / jxwaf directory, as follows:
$ CD / tmp
$ Git clone https://github.com/jx the -sec / jxwaf.git
$ CD jxwaf
$ SH install_waf.sh
after installation is shown below the installation was successful i.e.
nginx: the configuration file /opt/jxwaf/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /opt/jxwaf/nginx/conf/nginx.conf test is successful
visit http://www.jxwaf.com and registered account, the WAF rule management -> check out the official rules page load set rules in accordance with their needs, after the WAF rule configuration -> WAF global configuration page for "WAFAPIKEY"
modify /opt/jxwaf/nginx/conf/jxwaf/jxwafconfig.json in "waf_api_key" for your own account "wAF_API_KEY"
$ / opt / jxwaf / nginx / sbin / nginx start openresty, openresty automatically to jxwaf management center to pull in the rules configured by the user at startup or reload the
Docs document
JXWAF instructions
based Openresty achieve business security
transparent deployment of dynamic password function based Openresty achieve
Cookie WAF development of security
contributor contributor
chenjc safety engineer
jiongrizi front-end development engineer
BUG & Requirement BUG & demand
github to submit questions or needs BUG
QQ group 730 947 092
E-mail [email protected]
other other
Currently open source version has been normal use, basic functions and official rules are the basis of the test is completed, small and medium enterprises to meet basic protection needs.
But the feature is not all on the line, there are some features did not migrate from the line to release an open source version, now only on the basis of the line attack protection, Cookie security features and semantic analysis. Other features will continue on the line, depending on the progress of a front-end can snap out of time, the entire year is expected to be able to get finished.
These are stock features, listed below some To do:
through the rule configuration to achieve data cleaning machine learning, feature extraction, model training, it simply is a lightweight training machine learning - application platform, users can focus on the core features acquisition, other "bad language so hard" to solve the platform, reducing the threshold for application of machine learning. Currently the core functionality has been developed, with other existing functional integration in.
Command execution, semantic analysis library development code execution
Official Rules for
third-party security application interfaces to integrate
business security scenario development
report alarm sound
Cloud WAF system development
Github Address: HTTPS: //github.com/jx-sec/jxwaf
JXWAF management Center: http: //www.jxwaf.com/
this project from the very beginning of the idea to develop now 7788, almost a year. Most began to engage in this project, because the depth of use Modsecurity, found that too many pit Hold live, I can not do a penetration of only WAF developed a career change, then because of occupational diseases, in particular for some time to write easily bypassed local focus, embodied in all aspects of the code, which can be considered a WAF advantage of this.
Then talk about this performance, the results of the current test is less than 1ms, the core module processing time in about 0.001ms, thanks luajit technology, add rules almost no impact. Concurrent words, a single 2G 1 nuclear test in 5000 virtual machine up and down, I have no resources are interested can test the configuration of the physical machine good performance, reaching more than 10K should be no problem. In accordance with prior experience Modsecurity of a single day PV one hundred million or less would not have considered what a performance problem, and not the "rich life" would not have considered a "rich man's disease." As for the situation greatly complicated by traffic on the cluster or can self-study.
A brief summary of the next target user:
Security a person / Security budget did not
have WAF WAF budget did not demand security personnel of the company
to the network / application online secondary verification
machine-learning protection needs
have business security needs
WAF box could not carry, did not want to cloud / cloud not
have high custom rules / functional requirements of the company
article does not deserve the map, and the need www.jxwaf.com viewing
Finally thanks jsp submit BUG & demand during the closed beta, welcome you submit BUG & demand, there are mandatory pit.
Special column
Jinyi Shield: Introduction of open source WEB application firewall
Guess you like
Origin www.cnblogs.com/wuchangsoft/p/10950064.html
Recommended
Ranking