This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/fab_space on 2024-12-21 08:58:48+00:00.

Helo selfhosters, it’s saturday!

How to waste some time today? Let enforce a bit of security on your selfhosted web servers :)

This because I started this simple GitHub project to let you generate (or download) OWASP and bad bots rules for most popular web servers like Nginx, Apache, Caddy, Traefik and HaProxy.

You all welcome to enjoy and contribute to the project with your thoughts, feedbacks and PRs ;)

📌 Project Highlights

• 🛡️ OWASP CRS Protection – Leverages OWASP Core Rule Set for web application firewall (WAF) defense.
• 🤖 Bad Bot Blocking – Blocks known malicious bots using public bot lists.
• ⚙️ Multi-Web Server Support – Generates WAF configs for Apache, Nginx, Caddy, Traefik, and HAProxy.
• 🔄 Automatic Updates – GitHub Actions fetch new rules daily and push updated configs.

🌐 Supported Web Servers

• 🔵 Nginx
• 🟢 Caddy
• 🟠 Apache (ModSecurity)
• 🟣 Traefik
• 🔴 HAProxy

Have a nice weekend!