diff --git a/apps/uuwaf/2.5.2/.env.sample b/apps/uuwaf/2.5.2/.env.sample
deleted file mode 100644
index 8291cdd3..00000000
--- a/apps/uuwaf/2.5.2/.env.sample
+++ /dev/null
@@ -1,6 +0,0 @@
-CONTAINER_NAME="uuwaf"
-PANEL_APP_PORT_CONSOLE="4443"
-PANEL_APP_PORT_HTTP="80"
-PANEL_APP_PORT_HTTPS="443"
-SUBNET_PREFIX="172.22.0"
-TIME_ZONE="Asia/Shanghai"
diff --git a/apps/uuwaf/2.5.2/data.yml b/apps/uuwaf/2.5.2/data.yml
deleted file mode 100644
index f8aca1fd..00000000
--- a/apps/uuwaf/2.5.2/data.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-additionalProperties:
- formFields:
- - default: 80
- edit: true
- envKey: PANEL_APP_PORT_HTTP
- labelEn: HTTP Port
- labelZh: HTTP端口
- required: true
- rule: paramPort
- type: number
- - default: 443
- edit: true
- envKey: PANEL_APP_PORT_HTTPS
- labelEn: HTTPS Port
- labelZh: HTTPS端口
- required: true
- rule: paramPort
- type: number
- - default: 4443
- edit: true
- envKey: PANEL_APP_PORT_CONSOLE
- labelEn: Console Port
- labelZh: 控制台端口
- required: true
- rule: paramPort
- type: number
- - default: Asia/Shanghai
- edit: true
- envKey: TIME_ZONE
- labelEn: Time zone
- labelZh: 时区
- required: true
- type: text
- - default: 172.22.0
- edit: true
- envKey: SUBNET_PREFIX
- labelEn: Subnet prefix
- labelZh: 子网前缀
- required: true
- type: text
diff --git a/apps/uuwaf/2.5.2/docker-compose.yml b/apps/uuwaf/2.5.2/docker-compose.yml
deleted file mode 100644
index f2c3a2f3..00000000
--- a/apps/uuwaf/2.5.2/docker-compose.yml
+++ /dev/null
@@ -1,62 +0,0 @@
-services:
- uuwaf:
- build: ./docker/
- ulimits:
- nproc: 65535
- nofile:
- soft: 102400
- hard: 102400
- container_name: ${CONTAINER_NAME}-uuwaf
- networks:
- 1panel-network:
- wafnet:
- ipv4_address: ${SUBNET_PREFIX}.3
- ports:
- - "${PANEL_APP_PORT_HTTP}:80"
- - "${PANEL_APP_PORT_HTTPS}:443"
- - "${PANEL_APP_PORT_CONSOLE}:4443"
- volumes:
- - ./uuwaf:/uuwaf
- command: ["/run.sh"]
- environment:
- - TZ=${TIME_ZONE}
- labels:
- createdBy: "Apps"
- links:
- - wafdb
- depends_on:
- - wafdb
-
- wafdb:
- image: percona:8
- container_name: ${CONTAINER_NAME}-wafdb
- networks:
- 1panel-network:
- wafnet:
- ipv4_address: ${SUBNET_PREFIX}.7
- #ports:
- #- "127.0.0.1:4306:3306"
- volumes:
- - ./uuwaf/initdb:/docker-entrypoint-initdb.d
- - wafdata:/var/lib/mysql
- environment:
- - TZ=${TIME_ZONE}
- - INIT_ROCKSDB
- - MYSQL_ROOT_PASSWORD=Safe3.WAF
- labels:
- createdBy: "Apps"
-
-volumes:
- wafdata:
-
-networks:
- 1panel-network:
- external: true
- wafnet:
- name: wafnet
- driver: bridge
- ipam:
- driver: default
- config:
- - gateway: ${SUBNET_PREFIX:?SUBNET_PREFIX required}.1
- subnet: ${SUBNET_PREFIX}.0/24
diff --git a/apps/uuwaf/2.5.2/sourcedownload.sh b/apps/uuwaf/2.5.2/sourcedownload.sh
deleted file mode 100644
index 37d63f8d..00000000
--- a/apps/uuwaf/2.5.2/sourcedownload.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/sh
-
-mkdir -p ./tmp
-
-wget -O ./tmp/waf-community.tgz https://github.com/Safe3/uuWAF/releases/download/v2.5.2/waf-docker-community.v2.5.2.tgz
-
-tar -zxvf ./tmp/waf-community.tgz -C ./tmp
-
-cp -r ./tmp/waf-community/docker .
-
-cp -r ./tmp/waf-community/uuwaf .
-
-rm -r ./tmp
-
-echo 附件已经下载成功
\ No newline at end of file
diff --git a/apps/uuwaf/5.1.1/.env.sample b/apps/uuwaf/5.1.1/.env.sample
new file mode 100644
index 00000000..3184a321
--- /dev/null
+++ b/apps/uuwaf/5.1.1/.env.sample
@@ -0,0 +1,7 @@
+CONTAINER_NAME="uuwaf"
+MYSQL_MAX_CONNECTIONS=512
+PANEL_APP_PORT_CONSOLE=4443
+PANEL_APP_PORT_HTTP=80
+PANEL_APP_PORT_HTTPS=443
+PANEL_DB_USER_PASSWORD="Safe3.WAF"
+TIME_ZONE="Asia/Shanghai"
diff --git a/apps/uuwaf/5.1.1/data.yml b/apps/uuwaf/5.1.1/data.yml
new file mode 100644
index 00000000..5bbd1ef3
--- /dev/null
+++ b/apps/uuwaf/5.1.1/data.yml
@@ -0,0 +1,47 @@
+additionalProperties:
+ formFields:
+ - default: "80"
+ edit: true
+ envKey: PANEL_APP_PORT_HTTP
+ labelEn: HTTP Port
+ labelZh: HTTP 端口
+ required: true
+ rule: paramPort
+ type: number
+ - default: "443"
+ edit: true
+ envKey: PANEL_APP_PORT_HTTPS
+ labelEn: HTTPS Port
+ labelZh: HTTPS 端口
+ required: true
+ rule: paramPort
+ type: number
+ - default: "4443"
+ edit: true
+ envKey: PANEL_APP_PORT_CONSOLE
+ labelEn: Console Port
+ labelZh: 控制台端口
+ required: true
+ rule: paramPort
+ type: number
+ - default: "Asia/Shanghai"
+ edit: true
+ envKey: TIME_ZONE
+ labelEn: Time zone
+ labelZh: 时区
+ required: true
+ type: text
+ - default: "Safe3.WAF"
+ envKey: PANEL_DB_USER_PASSWORD
+ labelEn: Password
+ labelZh: 数据库用户密码
+ required: true
+ rule: paramComplexity
+ type: password
+ - default: "512"
+ edit: true
+ envKey: MYSQL_MAX_CONNECTIONS
+ labelEn: MySQL Max Connections
+ labelZh: 数据库最大连接数
+ required: true
+ type: number
\ No newline at end of file
diff --git a/apps/uuwaf/5.1.1/docker-compose.yml b/apps/uuwaf/5.1.1/docker-compose.yml
new file mode 100644
index 00000000..10bd7092
--- /dev/null
+++ b/apps/uuwaf/5.1.1/docker-compose.yml
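Review bot: `PANEL_DB_USER_PASSWORD="Safe3.WAF"` in 5.1.1/.env.sample ships a fixed, publicly known database password as the install default. The same literal is the `default:` of the password field in 5.1.1/data.yml, and 5.1.1/docker-compose.yml feeds it to both `MYSQL_ROOT_PASSWORD` and `UUWAF_MYSQL_PASSWORD`, so every install that accepts the defaults shares one MySQL root credential. That data.yml field also lacks the `edit: true` the other fields carry, which may leave the operator unable to change it after install. I would have the panel generate a per-install value (if the form schema supports it, `random: true` on that field) and keep only a placeholder such as `PANEL_DB_USER_PASSWORD="change-me"` in the sample file.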
@@ -0,0 +1,54 @@
+services:
+ uuwaf:
+ image: "uusec/nanqiang:v5.1.1"
+ ulimits:
+ nproc: 65535
+ nofile:
+ soft: 102400
+ hard: 102400
+ container_name: ${CONTAINER_NAME}
+ networks:
+ - 1panel-network
+ ports:
+ - ${PANEL_APP_PORT_HTTP}:80
+ - ${PANEL_APP_PORT_HTTPS}:443
+ - ${PANEL_APP_PORT_CONSOLE}:4443
+ volumes:
+ - wafshared:/uuwaf
+ command: ["/run.sh"]
+ environment:
+ - TZ=${TIME_ZONE}
+ - UUWAF_MYSQL_PASSWORD=${PANEL_DB_USER_PASSWORD}
+ links:
+ - wafdb
+ depends_on:
+ wafdb:
+ condition: service_healthy
+ wafdb:
+ image: "percona/percona-server:5.7.44"
+ container_name: ${CONTAINER_NAME}-db
+ networks:
+ - 1panel-network
+ volumes:
+ - wafshared:/docker-entrypoint-initdb.d
+ - wafdata:/var/lib/mysql
+ - ./low-memory-my.cnf:/etc/mysql/my.cnf
+ environment:
+ - TZ=${TIME_ZONE}
+ - INIT_ROCKSDB
+ - MYSQL_MAX_CONNECTIONS=${MYSQL_MAX_CONNECTIONS}
+ - MYSQL_ROOT_PASSWORD=${PANEL_DB_USER_PASSWORD}
+ healthcheck:
+ test: ["CMD", "mysqladmin", "ping", "-h", "127.0.0.1", "--silent"]
+ start_period: 0s
+ interval: 5s
+ timeout: 3s
+ retries: 3
+volumes:
+ wafshared:
+ name: wafshared
+ wafdata:
+ name: wafdata
+networks:
+ 1panel-network:
+ external: true
\ No newline at end of file
diff --git a/apps/uuwaf/5.1.1/low-memory-my.cnf b/apps/uuwaf/5.1.1/low-memory-my.cnf
new file mode 100644
index 00000000..0ef74b63
--- /dev/null
+++ b/apps/uuwaf/5.1.1/low-memory-my.cnf
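Review bot: `wafdb` is attached only to the external `1panel-network`, so its MySQL port is reachable from every other app container on that shared network. The only credential in play is the root password set through `MYSQL_ROOT_PASSWORD`, which the WAF also uses via `UUWAF_MYSQL_PASSWORD`. I would put the database on a private, internal network shared only with `uuwaf`, and leave `uuwaf` alone on `1panel-network`, as sketched below. Separately, `wafshared` is mounted as `/uuwaf` in the WAF and as `/docker-entrypoint-initdb.d` in the database, so files the WAF container writes there would presumably be picked up as init scripts when the data volume is first initialised. Mounting it read-only on the DB side (`wafshared:/docker-entrypoint-initdb.d:ro`) would narrow that, assuming the entrypoint only reads from it.

```yaml
services:
  uuwaf:
    # … unchanged: image, ulimits, container_name …
    networks:
      - 1panel-network
      - wafnet
    # … unchanged: ports, volumes, command, environment, links, depends_on …
  wafdb:
    # … unchanged: image, container_name …
    networks:
      - wafnet
    # … unchanged: volumes, environment, healthcheck …
networks:
  1panel-network:
    external: true
  wafnet:
    internal: true
```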
@@ -0,0 +1,63 @@
+# For advice on how to change settings please see
+# http://dev.mysql.com/doc/refman/5.7/en/server-configuration-defaults.html
+
+[mysqld]
+#
+# Remove leading # and set to the amount of RAM for the most important data
+# cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%.
+# innodb_buffer_pool_size = 128M
+#
+# Remove leading # to turn on a very important data integrity option: logging
+# changes to the binary log between backups.
+# log_bin
+#
+# Remove leading # to set options mainly useful for reporting servers.
+# The server defaults are faster for transactions and fast SELECTs.
+# Adjust sizes as needed, experiment to find the optimal values.
+# join_buffer_size = 128M
+# sort_buffer_size = 2M
+# read_rnd_buffer_size = 2M
+skip-host-cache
+skip-name-resolve
+datadir=/var/lib/mysql
+socket=/var/lib/mysql/mysql.sock
+secure-file-priv=/var/lib/mysql-files
+user=mysql
+
+# Disabling symbolic-links is recommended to prevent assorted security risks
+symbolic-links=0
+
+log-error=/var/log/mysqld.log
+pid-file=/var/run/mysqld/mysqld.pid
+
+
+#### These optimize the memory use of MySQL
+#### http://www.tocker.ca/2014/03/10/configuring-mysql-to-use-minimal-memory.html
+innodb_buffer_pool_size=5M
+innodb_log_buffer_size=256K
+query_cache_size=0
+max_connections=10
+key_buffer_size=8
+thread_cache_size=0
+host_cache_size=0
+innodb_ft_cache_size=1600000
+innodb_ft_total_cache_size=32000000
+
+# per thread or per operation settings
+thread_stack=131072
+sort_buffer_size=32K
+read_buffer_size=8200
+read_rnd_buffer_size=8200
+max_heap_table_size=16K
+tmp_table_size=1K
+bulk_insert_buffer_size=0
+join_buffer_size=128
+net_buffer_length=1K
+innodb_sort_buffer_size=64K
+
+#settings that relate to the binary log (if enabled)
+binlog_cache_size=4K
+binlog_stmt_cache_size=4K
+
+#### from https://mariadb.com/de/node/579
+performance_schema = off
\ No newline at end of file
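Review bot: `max_connections=10` in this file disagrees with the `MYSQL_MAX_CONNECTIONS` form field (default 512) that docker-compose.yml passes to the same container. Nothing visible in the diff shows the image reading that variable, so the value the operator edits may have no effect and the WAF could hit the 10-connection cap. Either drop the hard-coded line or state which setting wins, e.g. `# max_connections comes from MYSQL_MAX_CONNECTIONS; do not hard-code it here`. `log-error=/var/log/mysqld.log` also sends the server log to a file inside the container, so startup and authentication errors would not show up in `docker logs`; consider removing that line so the log stays on stderr.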
diff --git a/apps/uuwaf/5.1.1/scripts/uninstall.sh b/apps/uuwaf/5.1.1/scripts/uninstall.sh
new file mode 100644
index 00000000..1a62d5e5
--- /dev/null
+++ b/apps/uuwaf/5.1.1/scripts/uninstall.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+docker-compose down --volumes
\ No newline at end of file
diff --git a/apps/uuwaf/README.md b/apps/uuwaf/README.md
index 35346d81..21d13f10 100644
--- a/apps/uuwaf/README.md
+++ b/apps/uuwaf/README.md
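Review bot: `docker-compose down --volumes` in scripts/uninstall.sh removes the named volumes declared in the compose file, here `wafdata` (the MySQL data directory) and `wafshared`, so an uninstall irreversibly discards the database contents. If that is intended, a comment such as `# removes wafdata and wafshared: all database contents are lost` would make it explicit to whoever maintains the script. The script also relies on the legacy `docker-compose` binary and on being run from the directory that holds docker-compose.yml; neither is checked.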
@@ -1,93 +1,26 @@ -# 使用说明 -## 1. 商店安装应用 +# 南墙 -填写参数,点击安装,这里会报错, +**南墙** WEB 应用防火墙(简称:`uuWAF`)一款社区驱动的免费、高性能、高扩展顶级 Web 应用安全防护产品。 -这是正常的,因为必要附件未下载,进行下一步操作。 +## **技术优势** -## 2. 执行脚本下载附件 +- 先进语义引擎 -终端执行以下命令下载所需附件,大致路径需要按需修改,脚本即在软件安装目录下 -``` -cd /opt/1panel/apps/local/uuwaf/uuwaf/sourcedownload.sh && \ -chmod +x /opt/1panel/apps/local/uuwaf/uuwaf/sourcedownload.sh && \ -bash /opt/1panel/apps/local/uuwaf/uuwaf/sourcedownload.sh -``` + 南墙采用业界领先的 `SQL、XSS、RCE、LFI` 4种基于语义分析的检测引擎,结合多种深度解码引擎可对 `base64、json、form-data` 等 HTTP 内容真实还原,从而有效抵御各种绕过 WAF 的攻击方式,并且相比传统正则匹配具备准确率高、误报率低、效率高等特点,管理员无需维护庞杂的规则库,即可拦截多种攻击类型。 -## 3. 重建应用 +- **智能 0day 防御** -正确下载了附件后,点击重建应用,等待安装成功。 + 南墙创新性的运用机器学习技术,使用**异常检测算法**对 http 正常与攻击流量进行区分识别,并对正常流量进行白名单威胁建模。通过**机器学习算法**自动学习正常流量中的参数特征,并转化成对应的参数白名单规则库,可以在面对各种突发 0day 漏洞时,无需添加规则即可拦截攻击,免除网站管理者一出现漏洞就需挑灯夜战升级的痛苦。 -- 默认地址注意是`https` +- **高级规则引擎** -- 默认账号密码 -``` -username:admin -password:wafadmin -``` - -# 原始相关 - -# 南墙简介 - -[![GitHub stars](https://img.shields.io/github/stars/Safe3/uuWAF.svg?label=关注 南墙&style=for-the-badge)](https://github.com/Safe3/uuWAF) -[![Chat](https://img.shields.io/badge/Discuss-加入讨论组-7289da.svg?style=for-the-badge)](https://github.com/Safe3/uuWAF/discussions) - -> **南墙**WEB应用防火墙(简称:`uuWAF`)一款社区驱动的免费、高性能、高扩展顶级Web应用和API安全防护产品。 - -![](http://waf.uusec.com/_media/waf.png) - -🏠安装及使用请访问官网: https://waf.uusec.com/ - -:heavy_exclamation_mark:注意:南墙 暂不开源,直接下载编译好的二进制文件安装即可,github仓库内主要为社区贡献的规则,每次 uuWAF 发布将自动更新。 + 南墙积极运用 `nginx` 和 `luajit` 的高性能、高灵活性特点,除了提供对普通用户友好性较好的传统规则创建模式,还提供了高扩展性、高灵活性的 lua 脚本规则编写功能,使得有一定编程功底的高级安全管理员可以创造出一系列传统 WAF 所不能实现的高级漏洞防护规则,用户可以编写一系列插件来扩展 WAF 现有功能。从而使得在拦截一些复杂漏洞时,可以更加得心应手。 +## 使用 -## :dart: 技术优势 -- :libra: 先进语义引擎 - - 南墙采用业界领先的`SQL、XSS、RCE、LFI` 4种基于语义分析的检测引擎,结合多种深度解码引擎可对`base64、json、form-data`等HTTP内容真实还原,从而有效抵御各种绕过WAF的攻击方式,并且相比传统正则匹配具备准确率高、误报率低、效率高等特点,管理员无需维护庞杂的规则库,即可拦截多种攻击类型。 - -- :ophiuchus: 智能0day防御 - - 
南墙创新性的运用机器学习技术,使用**异常检测算法**对http正常与攻击流量进行区分识别,并对正常流量进行白名单威胁建模。通过**机器学习算法**自动学习正常流量中的参数特征,并转化成对应的参数白名单规则库,可以在面对各种突发0day漏洞时,无需添加规则即可拦截攻击,免除网站管理者一出现漏洞就需挑灯夜战升级的痛苦。 - -- :gemini: 高级规则引擎 - - 南墙积极运用`nginx`和`luajit`的高性能、高灵活性特点,除了提供对普通用户友好性较好的传统规则创建模式,还提供了高扩展性、高灵活性的lua脚本规则编写功能,使得有一定编程功底的高级安全管理员可以创造出一系列传统WAF所不能实现的高级漏洞防护规则,用户可以编写一系列插件来扩展WAF现有功能。从而使得在拦截一些复杂漏洞时,可以更加得心应手。 - - - - -## :rocket: 快速进阶 - -南墙为你提供了强大灵活的扩展和安全规则的编写API,在管理后台发布后所有规则无需重启立即生效,远超市面上大部分免费WAF产品如`ModSecurity`,规则展示如下: - -![](http://waf.uusec.com/_media/rule.png) - -🏠请访问官网: https://waf.uusec.com/ 下载 南墙WAF使用说明书 了解规则API详情 - - - - -## :gift_heart: 贡献分享 - -参照: https://waf.uusec.com/#/guide/contribute - - - - -## :kissing_heart: 加入讨论 - -欢迎各位就 南墙 的各种bug或功能需求及使用问题,在如下渠道参与讨论 - -- 问题提交:https://github.com/Safe3/uuWAF/issues - -- 讨论社区:https://github.com/Safe3/uuWAF/discussions - -- 官方 QQ 群:11500614 - -- 官方微信群:微信扫描以下二维码加入 - - 微信群 - +1. 登录后台,访问https://wafip:4443 ,wafip为安装南墙的服务器ip,用户名`admin`,密码`wafadmin` +2. 添加站点,进入站点管理菜单,点击添加站点按钮,按提示添加站点域名与网站服务器ip +3. 添加证书,进入证书管理菜单,点击添加证书按钮,上传第二步中域名的https证书和私钥文件 +4. 将域名DNS的ip指向改为南墙服务器ip地址 +5. 访问站点域名查看网站是否能够访问 \ No newline at end of file diff --git a/apps/uuwaf/data.yml b/apps/uuwaf/data.yml index 0ad5f5b0..4c09d8e6 100644 --- a/apps/uuwaf/data.yml +++ b/apps/uuwaf/data.yml 
@@ -1,20 +1,19 @@
-name: 南墙 Web 应用防火墙(uuWAF)
-tags:
- - 工具
-title: 免费、高性能、高扩展顶级Web应用和API安全防护产品
-type: 工具
-description: 免费、高性能、高扩展顶级Web应用和API安全防护产品
-additionalProperties:
- key: uuwaf
- name: 南墙 Web 应用防火墙(uuWAF)
- tags:
- - Tool
- shortDescZh: 免费、高性能、高扩展顶级Web应用和API安全防护产品
- shortDescEn: High-performance, highly scalable, top-tier web application and API security protection product
- type: tool
- crossVersionUpdate: true
- limit: 1
- recommend: 0
- website: https://waf.uusec.com
- github: https://github.com/Safe3/uuWAF
- document: https://waf.uusec.com
+name: uuWAF
+tags:
+ - 安全
+title: 南墙 WEB 应用防火墙
+description: 南墙 WEB 应用防火墙
+additionalProperties:
+ key: uuwaf
+ name: uuWAF
+ tags:
+ - Security
+ shortDescZh: 南墙 WEB 应用防火墙
+ shortDescEn: NanQiang Web Application Firewall
+ type: tool
+ crossVersionUpdate: true
+ limit: 1
+ recommend: 0
+ website: https://waf.uusec.com/#/
+ github: https://github.com/Safe3/uuWAF
+ document: https://waf.uusec.com/#/?id=main
diff --git a/apps/uuwaf/logo.png b/apps/uuwaf/logo.png
index bab6cbac..f82ea82f 100644
Binary files a/apps/uuwaf/logo.png and b/apps/uuwaf/logo.png differ