OWASP Coraza WAF

Coraza is an open source, high performance, Web Application Firewall ready to protect your beloved applications.

Get started

Open-source Apache 2 Licensed. GitHub

Security

Security is what Coraza is for, enforce policies using OWASP CRS or create your own policies to stop attackers and generate important audit information.

Fast by default ⚡️

From huge websites to small blogs, Coraza can handle that load with minimal performance impacts, just check our Benchmarks.

Extensible

Audit Loggers, persistence engines, operators, actions, create your own functionalities to extend Coraza as much as you want.

Integrations

Coraza WAF is just a library but we support many integrations to deploy a WAF as an application server, reverse proxy, container, and more.

Roadmap

Expect interesting features and improvements within our community-driven roadmap, for small developers and big companies.

Enterprise ready

Continuous development, high performance and great documentation are the recipe for a perfect enterprise open source project.

Top