From f138e7fdf8f315e8c66e92ce2a019fc8dbf3113c Mon Sep 17 00:00:00 2001 From: zhengkunwang223 Date: Wed, 23 Aug 2023 10:38:20 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E5=A2=9E=E5=8A=A0=E5=8D=97=E5=A2=99=20?= =?UTF-8?q?Web=20=E5=BA=94=E7=94=A8=E9=98=B2=E7=81=AB=E5=A2=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/uuwaf/2.5.1/data.yml | 25 +++++++++ apps/uuwaf/2.5.1/docker-compose.yml | 55 +++++++++++++++++++ apps/uuwaf/README.md | 81 ++++++++++++++++++++++++++++ apps/uuwaf/data.yml | 20 +++++++ apps/uuwaf/logo.png | Bin 0 -> 30848 bytes 5 files changed, 181 insertions(+) create mode 100644 apps/uuwaf/2.5.1/data.yml create mode 100644 apps/uuwaf/2.5.1/docker-compose.yml create mode 100644 apps/uuwaf/README.md create mode 100644 apps/uuwaf/data.yml create mode 100644 apps/uuwaf/logo.png diff --git a/apps/uuwaf/2.5.1/data.yml b/apps/uuwaf/2.5.1/data.yml new file mode 100644 index 00000000..b23b2e21 --- /dev/null +++ b/apps/uuwaf/2.5.1/data.yml @@ -0,0 +1,25 @@ +additionalProperties: + formFields: + - default: 80 + disabled: true + envKey: PANEL_APP_PORT_HTTP1 + labelEn: HTTP Port + labelZh: HTTP 端口 + required: true + type: number + - default: 443 + disabled: true + envKey: PANEL_APP_PORT_HTTPS2 + labelEn: HTTPS Port + labelZh: HTTPS 端口 + required: true + type: number + - default: 4443 + edit: true + envKey: PANEL_APP_PORT_HTTPS + labelEn: Port + labelZh: 面板端口 + required: true + rule: paramPort + type: number + diff --git a/apps/uuwaf/2.5.1/docker-compose.yml b/apps/uuwaf/2.5.1/docker-compose.yml new file mode 100644 index 00000000..b7c0a809 --- /dev/null +++ b/apps/uuwaf/2.5.1/docker-compose.yml @@ -0,0 +1,55 @@ +networks: + wafnet: + name: wafnet + driver: bridge + ipam: + driver: default + config: + - gateway: 172.22.0.1 + subnet: 172.22.0.0/24 + driver_opts: + com.docker.network.bridge.name: wafnet + +services: + uuwaf: + image: uusec/nanqiang:v2.5.1 + ulimits: + nproc: 65535 + nofile: + soft: 102400 + hard: 102400 + container_name: uuwaf + networks: + wafnet: + ipv4_address: 172.22.0.3 + ports: + - ${PANEL_APP_PORT_HTTP1}:80 + - ${PANEL_APP_PORT_HTTPS2}:443 + - ${PANEL_APP_PORT_HTTPS}:4443 + volumes: + - wafshared:/uuwaf + command: ["/run.sh"] + environment: + - TZ=Asia/Shanghai + links: + - wafdb + depends_on: + - wafdb + + wafdb: + image: percona:8 + container_name: wafdb + networks: + wafnet: + ipv4_address: 172.22.0.7 + volumes: + - wafshared:/docker-entrypoint-initdb.d + - wafdata:/var/lib/mysql + environment: + - TZ=Asia/Shanghai + - INIT_ROCKSDB + - MYSQL_ROOT_PASSWORD=Safe3.WAF + +volumes: + wafshared: + wafdata: diff --git a/apps/uuwaf/README.md b/apps/uuwaf/README.md new file mode 100644 index 00000000..5606432b --- /dev/null +++ b/apps/uuwaf/README.md @@ -0,0 +1,81 @@ +# 南墙简介 + +[![GitHub stars](https://img.shields.io/github/stars/Safe3/uuWAF.svg?label=关注 南墙&style=for-the-badge)](https://github.com/Safe3/uuWAF) +[![Chat](https://img.shields.io/badge/Discuss-加入讨论组-7289da.svg?style=for-the-badge)](https://github.com/Safe3/uuWAF/discussions) + +> **南墙**WEB应用防火墙(简称:`uuWAF`)一款社区驱动的免费、高性能、高扩展顶级Web应用安全防护产品。 + +![](http://waf.uusec.com/_media/waf.png) + +🏠安装及使用请访问官网: https://waf.uusec.com/ + +:heavy_exclamation_mark:注意:南墙 暂不开源,直接下载编译好的二进制文件安装即可,github仓库内主要为社区贡献的规则,每次 uuWAF 发布将自动更新。 + + + +## :dart: 技术优势 +- :libra: 先进语义引擎 + + 南墙采用业界领先的`SQL、XSS、RCE、LFI` 4种基于语义分析的检测引擎,结合多种深度解码引擎可对`base64、json、form-data`等HTTP内容真实还原,从而有效抵御各种绕过WAF的攻击方式,并且相比传统正则匹配具备准确率高、误报率低、效率高等特点,管理员无需维护庞杂的规则库,即可拦截多种攻击类型。 + +- :ophiuchus: 智能0day防御 + + 南墙创新性的运用机器学习技术,使用**异常检测算法**对http正常与攻击流量进行区分识别,并对正常流量进行白名单威胁建模。通过**机器学习算法**自动学习正常流量中的参数特征,并转化成对应的参数白名单规则库,可以在面对各种突发0day漏洞时,无需添加规则即可拦截攻击,免除网站管理者一出现漏洞就需挑灯夜战升级的痛苦。 + +- :gemini: 高级规则引擎 + + 南墙积极运用`nginx`和`luajit`的高性能、高灵活性特点,除了提供对普通用户友好性较好的传统规则创建模式,还提供了高扩展性、高灵活性的lua脚本规则编写功能,使得有一定编程功底的高级安全管理员可以创造出一系列传统WAF所不能实现的高级漏洞防护规则,用户可以编写一系列插件来扩展WAF现有功能。从而使得在拦截一些复杂漏洞时,可以更加得心应手。 + + + + +## :rocket: 一键安装 + +南墙为你提供了强大灵活的扩展和安全规则的编写API,在管理后台发布后所有规则无需重启立即生效,远超市面上大部分免费WAF产品如`ModSecurity`,规则展示如下: + +![](http://waf.uusec.com/_media/rule.png) + +🏠请访问官网: https://waf.uusec.com/ 下载 南墙WAF使用说明书 了解规则API详情 + +南墙安装及其简便,通常在几分钟内即可安装完毕,具体耗时视网络下载情况而定。 + +注意:请尽量选择一台纯净Linux x86_64环境的服务器安装,因为安装过程会卸载旧的MySQL数据库并重新安装,如果没有备份,可造成旧的MySQL数据丢失,并且南墙采用云WAF反向代理模式,默认需要使用80、443端口。 + +> 主机版安装方式如下: + +```bash +sudo yum install -y ca-certificates +sudo wget https://waf.uusec.com/waf-install && chmod +x waf-install && ./waf-install && rm -f ./waf-install +``` + +安装成功后会显示 “ 恭喜您,安装成功!” + +> Docker版安装方式如下: + +```bash +sudo curl https://waf.uusec.com/docker-compose.yml -o docker-compose.yml && docker compose up -d +``` + + + +## :gift_heart: 贡献 Rule + +参照: https://waf.uusec.com/#/guide/contribute + + + + +## :kissing_heart: 加入讨论 + +欢迎各位就 南墙 的各种bug或功能需求及使用问题,在如下渠道参与讨论 + +- 问题提交:https://github.com/Safe3/uuWAF/issues + +- 讨论社区:https://github.com/Safe3/uuWAF/discussions + +- 官方 QQ 群:11500614 + +- 官方微信群:微信扫描以下二维码加入 + + 微信群 + diff --git a/apps/uuwaf/data.yml b/apps/uuwaf/data.yml new file mode 100644 index 00000000..fb210df1 --- /dev/null +++ b/apps/uuwaf/data.yml @@ -0,0 +1,20 @@ +name: 南墙 Web 应用防火墙 +tags: + - 工具 +title: 一款社区驱动的免费、高性能、高扩展顶级 Web 应用和 API 安全防护产品 +type: 工具 +description: 一款社区驱动的免费、高性能、高扩展顶级 Web 应用和 API 安全防护产品 +additionalProperties: + key: uuwaf + name: 南墙 Web 应用防火墙 + tags: + - Tool + shortDescZh: 一款社区驱动的免费、高性能、高扩展顶级 Web 应用和 API 安全防护产品 + shortDescEn: A community-driven, free, high-performance, highly scalable top-tier Web application and API security protection product + type: tool + crossVersionUpdate: false + limit: 1 + recommend: 0 + website: https://waf.uusec.com/#/ + github: https://github.com/Safe3/uuWAF + document: https://waf.uusec.com/#/?id=main diff --git a/apps/uuwaf/logo.png b/apps/uuwaf/logo.png new file mode 100644 index 0000000000000000000000000000000000000000..362333c3c2309806bb7410afd21c1e42b95cf100 GIT binary patch literal 30848 zcmV-`cz=h9P)Px&08mU+MNDaN`>|sE$$0p)UiZ_Q`ldejr!VueYVVyx zZG=bqwHEidY5&6r|GWzNw_Og=Mf$Z<4$(yp(M1i?Mh?+M|Gx?QwN(AA6#lak{N__`VWuoeEo4*9rW`ptU!u}}NFUi!CK__9_G(MA2Q z6#K#z;n~&vu}}D?HvhK@`MhcV#0~wbDEq4*`>HYfpdJ3L8vLvu`mr|qxK0kyMGnzL z4$(yo(M1l?MGnzL|F#YOvK9NHCjZ6?`n?hV%Lo3o5Bs7O`KvSisTKUOC;iC{`ldJj zuNnTt3;(_i|HlORvPb)?Ci|u+`n+fQv^x2zJpHs74$(yp(M1l?MGnzL4$(yp(M1l? zMgPSI|HuXXwHf-SB>c^H`lBBI#R~kZ81=DC|H29Ts3!QcQTwJS{ne%Z!VLSgApgt@ z{H{Cy#0mb!4f)4@`K?C%xE%YYEBwuc4$(yp(M1l?MGnzL4$(yp(M9{A8vn`!`=uEF z$pZSIBmc?-|H}ja%Lf0)2l=Ek`=A*A!4Uno82hX>{;d`N#0dMO8~Lj<`@(bksviHn z2l}EX`?56su^s!PANs5}`?4+lrx*OM75UJU`K2xSv`qT9TKu#i{iG54uO$A!3i_@* z4$(yp(M1l?MGnzL4$(yp(MA8u1OLhb`=c=a!3+Jy3;)Ci{QGYu}J>D5Bbr#{lGN;&I0`ty(M1l?MGnzL z|G*FWq9gyw3i+%${lpadvl;lD8U3{w{kby!#3TE=O#a9P|I7vYqaXjg6#Jed`KCDg zn;!a}8~eUt4$(yp(M1l?Mf;>L{13{QNNQjTday zzWVu9$h}QxUEbd$#q4Nn9Bn|kpcT~Nx-r+%6Uiq>LYfIZ*Ts>%Wpe=wMwAUNBTCNT(I=_>WJBx z-kV2{T#%$k@=Icp*4O}uJ3ENpBX z3}l0#Eh=+7^#!=eHh_aQ_q;{$yil@DVCQ64u`oYjsz9~@Y}^@sy_DUCcO^lTdDPp;@aBcv-VnP z>Z$XI2@vZHc2&a^z8R^Fv&6NXfI!^KO1&^Uqm-5C9fIokLy8rO-@Rm)zdRdhnm?DWXgoBNF{?yb)?EoGgpb39?{{7<# zcph<8U6+ZGkr)Fw*%&+*O={E@{r|tc>tsHeK&C}kNAma+nMQpAz2}zQ&(trPY)H|=m6BnF7{jLZ7+>ie0+vcK(DyQhOZZfZd zqwL@MW=1^D7nqQ=kykWxg9{dyawTrac&4rXN^3`n7rg zuW=)o*4W(wc_obbn3#}NvNJJ=8GAYM{A)uEf2o?-%Br_jm4Yjxgb;Dj#^b)ol0{Vx zp`ANLj@>e(m-l~DB8v8R%VYR|fq_lk4TN}N-_eMJdKzNzoWZSeNsgn(!aZ}%DdhAM zztZLx0>mLC*tP}CHkq+R9p(mhm3da&Y~d%42DTu_fYi!gzpxv?AhS5)>JqCc|K_P&nWlhW}L7n^II{J zA|Wl1{use{Az>jYYr*JPXu^9RD1k7xVb9coMz*I#2eeRtcap>4ajPQmV*PoF3t{{2@50- z%X_MoPvK(Yg4HEwy870msIi5lA^T{-C}9i(iY0qDr}mp0v%(DEU=Z-`LN!223z`D> z>nfwrgF;zSeAcYa;Kyw2@TA9i=BzTRq9`qXSSoU`6+$;)*6VUpja=mXwDS>~0StD_ zB4H-jEE7UA;P2~~YANjS+EkZ;{n+PXbe{@aS5?DIutkwszhB&Adbk|S047ycMvh~T z5->wssHPI?ifbsbaW_EQqtjFmUYk|~S(cvc%HzTkVZzq6;GnQsfn36G3sCZS9byR= zFr1N`Y_Z?p2WzUagQN)L%;4kiKFO>z2T`;#&fL4*+&#?&+41r4s1pPmAc!RC5|M5k zQa)D>sp7JnazbhU7o@Z-qGc-u^+XjoH6Vo|$G!BNLQ_)(g$5Y<&m=2#VhmXYhsCT%|qq}iwlq6o-3KlQCc;)N7!irqXw&~pRGTse7_-i(wHc_AfZ?1-@&B3T2Id@;qo-KOH z6`y|Bb-c0*FWjGN6=d}ovk9+pzGRVX;3+(A@acA!{_An!!mFIiQ^PQ8XueAoSzbrm z^Nes*(d_zrW_xWm1A`!7!G zE6NOzun6Nb6k{f?!=kCDp>}7xxrBtoM#-|I2oPho#i0qr8USiCG4o~kI^Q~e+{AmQ zhP-o*NzRnr3d~HT^nlqJH8sM0eZv)4fIYW~r$be^N$)>1aWgY>gMy8Tg`0(}?lU{t zopxAs!1_q+__{g(=0tLaas