BunkerWeb

BunkerWeb is a next-generation, open-source Web Application Firewall (WAF).

As a comprehensive web server built on NGINX, it secures your web services with a "secure by default" approach. BunkerWeb integrates effortlessly into existing environments (Linux, Docker, Swarm, Kubernetes, etc.) as a reverse proxy and offers complete configurability through both CLI and an intuitive web UI to suit your specific needs. This makes cybersecurity simple and accessible.

BunkerWeb includes essential security features in its core and supports easy expansion through a flexible plugin system.

Features

• HTTPS support with transparent Let's Encrypt automation
• State-of-the-art web security: HTTP security headers, prevent leaks, TLS hardening, ...
• Integrated ModSecurity WAF with the OWASP Core Rule Set
• Automatic ban of strange behaviors based on HTTP status codes
• Apply connection and request limits for clients
• Block bots by asking them to solve a challenge (e.g., cookie, JavaScript, captcha, hCaptcha, or reCAPTCHA)
• Block known bad IPs with external blacklists and DNSBL
• And much more...