
AWS WAF
Web Application Firewall that protects web applications and APIs from common exploits and attacks by defining security rules

High-performance Go-based WAF compatible with OWASP CRS v4
Coraza delivers enterprise‑grade web application firewall protection using ModSecurity SecLang rules and full OWASP Core Rule Set v4 compatibility, with a focus on performance and extensibility.

Coraza is a Go‑written web application firewall that provides enterprise‑grade security while remaining lightweight enough for any scale, from small blogs to high‑traffic sites. It runs the OWASP Core Rule Set v4 out‑of‑the‑box, offering protection against the OWASP Top Ten and many other attack categories with minimal false positives.
Designed for developers, security engineers, and operations teams that need a programmable WAF, Coraza can be embedded directly as a Go library, used as middleware, or deployed through plugins for Caddy, Envoy (proxy‑wasm), and HAProxy, or through a C library for nginx. It requires Go v1.22+ and runs on Linux, Windows, or macOS. Advanced build tags let you trim binary size or adjust rule evaluation behavior for specialized environments.
Coraza’s architecture encourages custom operators, actions, and audit loggers, enabling deep integration with SIEMs or bespoke security workflows. The project is community‑driven, accepting contributions and offering resources such as a rule‑testing playground and active Slack channel.
When teams consider Coraza, these hosted platforms usually appear on the same shortlist.

Web Application Firewall that protects web applications and APIs from common exploits and attacks by defining security rules

Cloud-native WAF service that protects web apps from common attacks (SQL injection, XSS) by filtering malicious HTTP/S traffic

Unified threat management and endpoint security
Embedding Coraza in a Go microservice: Provides request‑level inspection and automatic blocking of OWASP Top Ten attacks.
Caddy reverse‑proxy protection: Adds WAF capabilities to Caddy without external appliances.
Envoy sidecar with proxy‑wasm extension: Enforces CRS rules across service‑mesh traffic.
Custom audit logger integration: Streams security events to a centralized SIEM for real‑time monitoring.
Yes, it supports SecLang rules and is fully compatible with the OWASP CRS v4.
Older CRS versions are not compatible; Coraza requires CRS v4.
Coraza is a Go library, but plugins exist for Caddy, Envoy (proxy‑wasm), and HAProxy, along with a C library for nginx.
Coraza runs on Linux, Windows, and macOS; Linux distributions like Debian or CentOS are recommended.
You can write custom operators, actions, or audit loggers via its API, and use build tags to include or exclude components.