Welcome to the comprehensive documentation for the Web Application Firewall (WAF) project. This documentation is organized into several sections to help you quickly find the information you need.
Everything you need to get up and running quickly:
- Installation - System requirements and installation steps
- Quick Start - Get WAF running in minutes
- Running with Docker - Docker deployment guide
- First Configuration - Basic configuration walkthrough
Detailed configuration reference:
- Configuration Overview - How configuration works
- Core Parameters - Essential settings
- Client IP Detection - Detecting real client IPs
- Geolocation - Country and city detection
- Jail System - IP banning configuration
- Filter Rules - Static, Flexible, and Composite rules
- Static Lists - Whitelist and Blacklist setup
- Proxy Configuration - Reverse proxy settings
- API Configuration - REST API setup
- Logging - Log configuration
- Metrics - Prometheus metrics setup
- Environment Variables - Environment-based configuration
- Configuration Examples - Ready-to-use configuration files
Understanding how WAF works:
- Overview - High-level architecture
- Request Flow - How requests are processed
- Components - Key components and their roles
- Under Attack Module - Bot detection and fingerprinting
Fundamental concepts explained:
- Operating Modes - Normal vs Audit mode
- Jail Mechanism - How IP banning works
- Ban Escalation - Progressive ban duration
- Rule Types - Static, Flexible, and Composite rules
- Geolocation Detection - GeoIP databases
REST API documentation:
- API Overview - Introduction to the API
- Authentication - API authentication
- Endpoints - Available endpoints
- Examples - API usage examples
Production deployment guides:
- Docker - Docker deployment
- Docker Compose - Multi-container setup
- Kubernetes - Kubernetes deployment
- Systemd Service - Running as a system service
- Reverse Proxy - Behind Nginx/Apache
- High Availability - HA setup
Observability and monitoring:
- Prometheus Metrics - Available metrics
- Grafana Dashboard - Dashboard setup
- Alerting - Alert configuration
- Logging Integration - Log aggregation
For contributors and developers:
- Development Setup - Setting up development environment
- Testing - Running tests
- Building - Build process
- Project Structure - Code organization
- Code Style - Coding standards
- Contributing - How to contribute
Practical guides and best practices:
- Troubleshooting - Common issues and solutions
- Use Cases - Practical scenarios and examples
- Performance Tuning - Optimization strategies
- Security Best Practices - Hardening guide
- Migration Guide - Upgrading between versions
- New to WAF? Start with Quick Start Guide
- Need to configure rules? See Filter Rules
- Having issues? Check Troubleshooting
- Want to contribute? Read Contributing Guide
- Performance problems? See Performance Tuning
If you can't find what you're looking for:
- Check the Troubleshooting Guide
- Search through existing GitHub Issues
- Create a new issue with details about your problem
Found a typo or want to improve the docs? Contributions are welcome! See our Contributing Guide for details on how to submit improvements.
Version: Latest Last Updated: 2026-02-12 License: GNU License