Coraza is an open source, high performance, Web Application Firewall ready to protect your beloved applications.

Get started

Open-source Apache 2 Licensed. GitHub v2.0.1


Security is what Coraza is for, enforce policies using OWASP CRS or create your own policies to stop attackers and generate important audit information.

Fast by default ⚡️

From huge websites to small blogs, Coraza can handle that load with minimal performance impacts, just check our Benchmarks.


Audit Loggers, persistence engines, operators, actions, create your own functionalities to extend Coraza as much as you want.


Coraza WAF is just a library but we support many integrations to deploy a WAF as an application server, reverse proxy, container, and more.


Expect interesting features and improvements within our community-driven roadmap, for small developers and big companies.

Enterprise ready

Continuous development, high performance and great documentation are the recipe for a perfect enterprise open source project.