Rack-attack is a middleware rate limiter and request filter for the Rack interface. It provides a system for throttling HTTP requests and maintaining IP address blocklists to protect applications from malicious traffic and denial-of-service attacks. The project enables application layer DDoS mitigation and API rate limit management by identifying and rejecting requests from banned clients or abusive IP addresses. It allows for the definition of safelists to bypass filters and uses custom logic to determine if a client should be blocked or throttled. The tool covers comprehensive traffic mana
This project is a collection of configuration files and scripts serving as a bot blocker and security middleware for Nginx. It functions as an automated blocklist manager that filters malicious user-agents and IP addresses to mitigate vulnerability scanning, login brute-forcing, and DDoS attacks. The system distinguishes itself by automating the maintenance of security rules, downloading updated bot definitions and reloading the server on a schedule. It also includes a search engine spam filter capable of generating robots.txt files and link disavow lists to prevent malicious domains from imp
Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular, framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do
LLM Guard is a security firewall and guardrail framework designed to scan and sanitize inputs and outputs for large language models. It functions as a proxy gateway and security layer to block prompt injections, toxicity, and sensitive data leakage while ensuring that model interactions remain compliant with organizational policies. The system distinguishes itself through a modular scanner pipeline that utilizes local model orchestration to eliminate external network dependencies. It supports real-time security filtering via streaming chunk analysis and implements a fail-fast execution model
ngxluawaf este un firewall pentru aplicații web (WAF) OpenResty care utilizează Lua pentru a filtra cererile HTTP malițioase și a bloca atacurile web. Acționează ca un filtru de cereri programabil și controler de acces IP pentru Nginx, oferind un strat de securitate pentru a identifica și bloca scanerele neautorizate, tentativele de fuzzing și cererile de rețea anormale.
Principalele funcționalități ale loveshell/ngx_lua_waf sunt: NGINX Extensions, Web Application Firewalls, Network Request Filters, Programmable Request Filters, Regex Pattern Matching, Layer 7 Rate Limiters, Access Control Lists, IP Address Filtering.
Alternativele open-source pentru loveshell/ngx_lua_waf includ: rack/rack-attack — Rack-attack is a middleware rate limiter and request filter for the Rack interface. It provides a system for… mitchellkrogza/nginx-ultimate-bad-bot-blocker — This project is a collection of configuration files and scripts serving as a bot blocker and security middleware for… microsoft/security-101 — Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular,… protectai/llm-guard — LLM Guard is a security firewall and guardrail framework designed to scan and sanitize inputs and outputs for large… cilium/tetragon — Tetragon is an eBPF-based runtime security and observability toolset designed for Linux and Kubernetes environments.… owasp/cheatsheetseries — The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and…