BunkerWeb is a next-generation and open-source Web Application Firewall (WAF).
Being a full-featured web server (based on NGINX under the hood), it protects your web services to make them “secure by default”. BunkerWeb integrates seamlessly into your existing environments (Linux, Docker, Swarm, Kubernetes, …) and is fully configurable to meet your own use-cases.
This is free and open source software.
Key Features
- Easy integration into existing environments : Seamlessly integrate BunkerWeb into various environments such as Linux, Docker, Swarm, Kubernetes and more. Enjoy a smooth transition and hassle-free implementation.
- Highly customizable : Tailor BunkerWeb to your specific requirements with ease. Enable, disable, and configure features effortlessly, allowing you to customize the security settings according to your unique use case.
- Secure by default : BunkerWeb provides out-of-the-box, hassle-free minimal security for your web services. Experience peace of mind and enhanced protection right from the start.
- Web UI : Take control of BunkerWeb more efficiently with its web user interface (UI). Navigate settings and configurations effortlessly through a user-friendly graphical interface, eliminating the need for the command-line interface (CLI).
- Plugin system : Extend the capabilities of BunkerWeb to meet your own use cases. Seamlessly integrate additional security measures and customize the functionality of BunkerWeb according to your specific requirements. There are plugins available for ClamAV, Coraza, CrowdSec, Discord, Slack, VirusTotal, and WebHook,
- Security features which can be configured:
- HTTPS support with transparent Let’s Encrypt automation.
- State-of-the-art web security: HTTP security headers, prevent leaks, TLS hardening, …
- Integrated ModSecurity WAF with the OWASP Core Rule Set.
- Automatic ban of strange behaviors based on HTTP status code.
- Apply connections and requests limit for clients.
- Block bots by asking them to solve a challenge (e.g. : cookie, javascript, captcha, hCaptcha or reCAPTCHA).
- Block known bad IPs with external blacklists and DNSBL.
Website: docs.bunkerweb.io
Support: GitHub Code Repository
Developer: Bunkerity
License: GNU Affero General Public License v3.0
BunkerWeb is written in Python, Lua, and JavaScript. Learn Python with our recommended free books and free tutorials. Learn Lua with our recommended free books and free tutorials. Learn JavaScript with our recommended free books and free tutorials.
Related Software
| Web Application Firewalls | |
|---|---|
| ModSecurity | Web Application Firewall Engine for Apache, IIS and Nginx |
| BunkerWeb | Next-generation Web Application Firewall |
| NAXSI | Nginx Anti XSS & SQL Injection |
| Coraza | Enterprise grade, Golang port of ModSecurity |
| open-appsec | Automatic web application and API security using machine learning |
| lua-resty-waf | High Performance WAF Built on the OpenResty Stack |
Read our verdict in the software roundup.
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Discovered a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |