cwaf_config
Science Score: 44.0%
This score indicates how likely this project is to be science-related based on various indicators:
-
✓CITATION.cff file
Found CITATION.cff file -
✓codemeta.json file
Found codemeta.json file -
✓.zenodo.json file
Found .zenodo.json file -
○DOI references
-
○Academic publication links
-
○Academic email domains
-
○Institutional organization owner
-
○JOSS paper metadata
-
○Scientific vocabulary similarity
Low similarity (11.5%) to scientific vocabulary
Repository
Basic Info
- Host: GitHub
- Owner: csvl
- License: bsd-2-clause
- Language: Java
- Default Branch: main
- Size: 7.35 MB
Statistics
- Stars: 3
- Watchers: 3
- Forks: 1
- Open Issues: 0
- Releases: 0
Metadata Files
README.md
WAF-GUARD
Welcome to the official GitHub repository for WAF-GUARD, a powerful tool designed to assist in troubleshooting Web Application Firewall (WAF) configurations by leveraging an ontological representation. This repository contains the source code and documentation necessary to understand and utilize WAF-GUARD.
Overview
Configuring and maintaining a WAF, especially in large-scale environments, presents significant challenges due to the complexity and interconnectivity of rules and directives. WAF-GUARD addresses these challenges by providing a comprehensive ontology that helps administrators navigate and manage complex WAF configurations efficiently.
Features
- Ontology-Based Representation: Leverages ontology to model WAF configurations, enabling better traceability, transparency, and management.
- Easy Navigation: Facilitates the exploration of large rule sets, macros, and configurations through an intuitive interface.
- Real-World Application: Tested on extensive real-world configurations, demonstrating its effectiveness in diagnosing and resolving WAF configuration issues.
Getting Started
Installation
Prerequisites
- Java 17+: WAF-GUARD is built using Java, and has been tested with Java 17.
- Maven: is used to build the java project. It has been tested with maven 3.9.6
Build from source
Clone the repository:
bash git clone https://github.com/csvl/CWAF_config.git cd CWAF_config/cwaf-ontologyBuild the project using Maven:
bash mvn clean packageUsage
For ontology editing and visualization, we strongly advice to use Protege.
Run the different classes:
bash
java -cp cwaf-ontology/target/cwaf-ontology-1.0-SNAPSHOT.jar be.uclouvain.service.Parser conf/httpd.conf
Will produce config.ttl and full_schema.ttl. The full_schema.ttl is designed to be explored manually, while config.ttl is provided for the compiler.
bash
java -cp cwaf-ontology/target/cwaf-ontology-1.0-SNAPSHOT.jar be.uclouvain.service.Compiler
Will produce entities.ttl and full_entities.ttl. The full_entities.ttl is designed to be explored manually, while entities.ttl can be imported into the full_schema.ttl for a complete overview of the configuration.
bash
java -cp cwaf-ontology/target/cwaf-ontology-1.0-SNAPSHOT.jar be.uclouvain.service.Filter > output
Will output the directives information in the same order Apache would applie them.
License
WAF-GUARD is released under the MIT License.
Acknowledgements
This project is supported by Approach Cyber. This study has been conducted as part of the COODEVIIS project (agreement no. 8887), funded by the Wallonia Public Service (SPW) under the framework of the region’s recovery plan. It was in part supported by the CyberExcellence project (RW, Convention 2110186).
Contact
For questions, suggestions, or issues, please open an issue on this repository or contact us directly at bastien.wiaux@uclouvain.be.
Thank you for using WAF-GUARD! We hope it enhances your experience in managing WAF configurations.
Owner
- Name: csvl
- Login: csvl
- Kind: organization
- Repositories: 4
- Profile: https://github.com/csvl
Citation (CITATION.cff)
# This CITATION.cff file was generated with cffinit.
# Visit https://bit.ly/cffinit to generate yours today!
cff-version: 1.2.0
title: DOG-WAF
message: >-
If you use this software, please cite it using the
metadata from this file.
type: software
authors:
- given-names: 'Charles-Henry '
family-names: Bertrand Van Ouytsel
email: charles-henry.bertrand@uclouvain.be
affiliation: UCLouvain
orcid: 'https://orcid.org/0000-0001-5720-6569'
- given-names: Axel
family-names: Legay
email: axel.legay@uclouvain.be
affiliation: UCLouvain
orcid: 'https://orcid.org/0000-0003-2287-8925'
- given-names: Marc
family-names: Stern
affiliation: Approach Cyber
- given-names: Bastien
family-names: Wiaux
email: bastien.wiaux@uclouvain.be
affiliation: UCLouvain
orcid: 'https://orcid.org/0009-0002-9268-9943'
repository-code: 'https://github.com/csvl/CWAF_config'
abstract: >-
Web application firewalls are essential tools for
protecting web applications. However, the configuration
and maintenance of such systems, particularly in
large-scale environments, can prove challenging due to the
significant number of interconnected rules and directives
that must be managed. This complexity often leads to
difficulties in troubleshooting and optimising
configurations. In order to address these issues, we
present WAF-GUARD, a novel tool that leverages an
ontological representation of WAF configurations as a
means of assisting in the resolution of potential
problems. WAF-GUARD allows experts to navigate complex
configurations while maintaining clear links to the file
system structure. The ontology allows exploration of the
relationships between rules, macros, and files, thereby
enhancing the usability of WAF management. We have applied
our tool on large-size configurations developed within
Approach Cyber, showing the capabilities of the tool in
real-world context.
keywords:
- Web Application Firewall
- Ontology
- Troubleshooting
license: MIT
commit: aedda936b394b137ecf6e4ae2c6a82b51eb01d2b
version: v1.0
date-released: '2024-08-10'
GitHub Events
Total
- Watch event: 2
- Create event: 1
Last Year
- Watch event: 2
- Create event: 1
Dependencies
- com.fasterxml.jackson.core:jackson-databind 2.17.0
- org.apache.jena:apache-jena 5.0.0
- org.apache.jena:apache-jena-libs 5.0.0