Open Source Unix Shell Web Application Firewalls (WAF)

Hardened version of official WordPress container, with special support for Kubernetes. You can skip installation wizard by installing WordPress on container startup. This container uses wp-cli to install WordPress and plugins allowing you to prepare a fully automated website. git-clone-controller is a Kubernetes controller allowing to clone a GIT repository before a Pod is launched, can be used to automatically fetch your website theme within just few seconds before Pod starts.

sWAF is a simple Web Application Firewall docker image, pre-configured to be easily used within your web services architecture. It runs NGINX as a dedicated reverse proxy embedding powerful WAF engines: ModSecurity 3, using OWASP® ModSecurity Core Rule Set (CRS) rules, and NAXSI. It uses acme.sh for Let's Encrypt and other free CA support. A lot of people are self-hosting their own cloud infrastructure (using Nextcloud, Synology, QNAP, a cloud lease server or home-made solutions...), but we can never be too much paranoid about web security for a lot of good reasons. Too much time security is left on the background, or only by using some basic - but not sufficient - options and applications are front-faced to the big bad Internet.