Stop attacks, intrusions and dark traffic from within your web app.

Wafris is a free and open source Web Application Firewall that identifies threats
and stops attacks from within your favorite web framework or ingress controller.

Singular Security

Stop bouncing between your logs, your app, and your firewall. Wafris gives you visibility into what's really happening in your app and then lets you take direct action.

What's a Web Application Firewall?

A WAF is an additional layer of defense that helps to filter out attacks and block bots from abusing your site. Automatically kill DDoS probes, secret-stealing scripts, and weird traffic. Get a real-time view into the requests hitting your app and one-click kick out bad actors.

Every web framework is a failure

While we all have our favorite web framework, as an industry, we've collectively failed to ship any framework with practical traffic security features like the ability to:

  • Block basic request properties like IP addresses, user agents and malicious paths.
  • Rate limit traffic
  • View a list of the IPs that have made requests in the last 24 hours

Attacks hit every web app by default. Why isn't there a default set of defenses?

Wafris adds practical, immediately useful, easily configured security features to your web application.

Wafris Client Frameworks

Wafris firewalls work within your web framework to filter out attacks and block bots from abusing your site.

What's lurking in your dark traffic?

Google Analytics is a liar. GA filters out bot traffic and "weird" requests from the ground up because that's what the marketers and advertisers using it want: nobody is willingly going to put down money for bots to see ads.

Your raw log files suffer from the opposite problem: too much honesty. They'll tell you precisely what requests occurred but with zero context. In the river of log traffic generated by your site, it's hard to spot the attacks.

Together, it's frustratingly difficult to answer, "What requests are actually hitting my site right now?"

Wafris shines a light onto your dark traffic by building reports in real-time so you can instantly answer questions like:

  • What unique IP addresses made requests?
  • How many requests were made?
  • What's the distribution over time?
  • What IPs are on the leaderboard?

Most apps don't even know they were attacked until months after the fact

FAQ

We're on a mission to raise the security level of every web application.

Is this useful if I'm already using Cloudflare, Imperva or Expedited WAF?

The most secure applications implement "Defense In Depth" - layering multiple defensive systems to thwart ever more clever attacks.

Unlike legacy WAF systems, Wafris filters attacks from within your web framework. By scoping our filtering rules to the specific framework, we can better understand inbound requests and filter out attacks.

What systems should I put Wafris on?

All of them. Too often in our years of security work, we've seen staging, QA, or dev environments that attackers compromised. Regularly, these environments contained production data, API keys, secrets or other sensitive information.

Wafris is a default set of security controls from which any environment can benefit.

What are the requirements?

Wafris leverages Redis for fast rule implementation and analysis. We've taken pains to ensure that Wafris runs on the types of standard Redis plans that many hosting platforms provide for free or minimal cost.