vigie-waf-rust

A high-performance web application firewall built with Rust

Get StartedCustom LUA Scripts

Fast and Lightweight

Minimal dependencies, low overhead, and efficient protection against malicious traffic.

Defense Matrix

Built-in defense matrix including IP blacklist, IP whitelist, CC protection, fake crawler protection, and POW challenge protection.

Highly Customizable

You can customize defense order and details. Most defense capabilities expose hooks to LUA scripts for advanced tuning.

Automatic SSL Renewal

Built-in ACME + Let's Encrypt auto-renewal for painless certificate management, plus self-signed certificate support for internal sites.

Static Resource Exemptions

Configure static resource paths as defense exemptions to reduce unnecessary overhead; POW exemptions can be configured for endpoints like payment callbacks.

Multi-layer Proxy Compatible

Can replace nginx as entry point for small deployments, or run behind nginx and other proxies by setting trusted IP sources and X-Forwarded-For correctly.

Release

GNU Licensed | Copyright © 2025-present qingruan.tech