lua-resty-waf

lua-resty-waf is a web application firewall implemented in Lua for OpenResty/NGINX, designed to run inline at the edge with low overhead. It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. Because it runs inside the NGINX event loop, it scales with the web tier and avoids the latency of external proxies. Operators can extend it with custom Lua code, integrate threat feeds, or adapt it to application-specific quirks without recompiling modules. The result is a flexible, scriptable WAF that pairs the performance of NGINX with the expressiveness of Lua for nuanced HTTP defense.

Features

Built on OpenResty allowing Nginx-level request inspection via Lua API
Uses ModSecurity-compatible rule syntax for widespread CRS rule sharing
Includes custom rules and a virtual patching mechanism for zero-day threats
Blocks brute-force attacks, malicious bots, and automated scraping attempts
Can integrate real-time DNS blacklists to deny known malicious hosts
Supports remote logging via TCP, UDP, or syslog for audit and analytics

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow lua-resty-waf

lua-resty-waf Web Site

Other Useful Business Software

AI-generated apps that pass security review

Stop waiting on engineering. Build production-ready internal tools with AI—on your company data, in your cloud.

Retool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.

Try Retool free

Rate This Project

User Reviews

Be the first to post a review of lua-resty-waf!

Additional Project Details

Operating Systems

Linux

Programming Language

Perl

Related Categories

Perl Firewall Software

Registered

2025-09-10

Similar Business Software

ThreatLocker

The ThreatLocker suite of security tools are powerful and designed so that everyone from businesses to government agencies to academic institutions can directly control exactly what applications run on their networks. We envision a future in which all organizations can chart their own course...

See Software
Kamatera

With our comprehensive suite of scalable cloud services, you can build your cloud server, your way. Kamatera’s infrastructure specializes in VPS hosting, with a choice of 24 data centers worldwide, including 8 data centers across the US as well as locations in Europe, Asia, and the Middle East....

See Software
Cloudflare

Cloudflare is the foundation for your infrastructure, applications, and teams. Cloudflare secures and ensures the reliability of your external-facing resources such as websites, APIs, and applications. It protects your internal resources such as behind-the-firewall applications, teams, and...

See Software
Imunify360

Imunify360 is a security solution for web-hosting servers. Imunify360 goes beyond antivirus and WAF and is a combination of an Intrusion Prevention and Detection system, a Application Specific Web Application Firewall, Real-time Antivirus protection, a Network Firewall, and Patch Management...

See Software
AWS WAF

AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources. AWS WAF gives you control over how traffic reaches your applications by enabling you to create...

See Software
Heimdal Endpoint Detection and Response (EDR)

Heimdal® Endpoint Detection and Response is our proprietary multi-solution service providing unique prevention, threat-hunting, and remediation capabilities. It combines some of the most advanced threat-hunting technologies: - Next-Gen Antivirus - Privileged Access Management - Application...

See Software

Report inappropriate content

lua-resty-waf

High-performance WAF built on the OpenResty stack

Get an email when there's a new version of lua-resty-waf

Features

Project Samples

Project Activity

Categories

License

Follow lua-resty-waf

User Reviews

Additional Project Details

Operating Systems

Programming Language

Related Categories

Registered