OpenSource-Hub
U

UUSEC WAF

1.6k stars·System Optimization·SHA-256 checksum verified

Industrial-grade free web application firewall with AI-powered zero-day defense, semantic engine, and self-developed HIPS/RASP for active protection.

Smart Download

Visit Project Homepage

No installer available yet — head to the source repository

Free AI-powered WAF with Docker one-click deploy, outperforming ModSecurity and Cloudflare Free.

Core Features

  • AI zero-day defense: machine learning auto-learns normal traffic, intercepts 0day without rules
  • Self-developed cache cleaning: regex support, more flexible than Nginx commercial cache purge
  • HIPS active defense at system layer: blocks process, file, privilege escalation attacks
  • RASP runtime self-protection: embeds into Java JVM / PHP Zend for web 0day defense
  • Advanced semantic engine: SQL/XSS/RCE/LFI detection + multi-layer decoding, low false positives

What It Can't Do

  • Linux x86_64 only; no Windows/macOS support.
  • Requires Docker pre-installed.
  • Reverse proxy mode uses ports 80 and 443; ensure they are free.
  • Free version detection rate ~74.77% (0.09% false positive); Pro version ~98.97% (paid).
  • Domain DNS must point to WAF server, otherwise site inaccessible.

Use Cases

  • Protect websites from SQL injection, XSS, CC attacks for SMEs and individual webmasters
  • Zero-day emergency protection without frequent rule updates
  • High-traffic sites needing both CDN acceleration and security
  • Red team/blue team exercises deploying defensive layers

Detailed Introduction

UUSEC WAF is a high-performance, highly scalable web application and API security product developed by UUSEC Technology. It integrates machine learning for intelligent 0-day attack detection, a self-developed cache cleaning feature surpassing Nginx commercial version, and two powerful active defense mechanisms: HIPS at the system layer and RASP at the runtime layer. The advanced semantic engine (SQL, XSS, RCE, LFI) with multiple deep decoding engines accurately reconstructs HTTP content (base64, JSON, form data) to resist bypassing techniques. A flexible rule engine combines traditional rules with Lua scripting for complex vulnerability interception. Installation is Docker-based, taking minutes. Management panel supports SSL certificates, Let's Encrypt auto-renewal, and real-time rule updates without restart.

Troubleshooting & FAQ (2)

Troubleshooting
How to fix WAF blocking qBittorrent tracker addition due to "Universal attack" false positive?

When adding trackers via qBittorrent WebUI behind a WAF, the list of tracker URLs can be misidentified as a Server Side Request Forgery (SSRF) attack, triggering a "Universal attack" rule. To resolve, add the tracker domains (e.g., tracker.opentrackr.org, open.stealth.si) to your WAF's URL whitelist, or disable the specific rule temporarily. For example, in a typical WAF config, create an exception for parameters containing 'urls=' with allowed domains. Monitor rule logs to fine-tune.

GitHub Issue #152
Troubleshooting
Why can't I access UUWAF on port 8081 after Docker port mapping?

Ensure the UUWAF service inside the container listens on all interfaces (0.0.0.0) and not just localhost. Check container logs via docker logs uuwaf. Test internal listening ports with docker exec uuwaf netstat -tlnp. If the service binds only to 127.0.0.1, configure it to listen on 0.0.0.0—this may involve setting a BIND_ADDRESS environment variable or adjusting the web server config. Also verify the host firewall allows incoming traffic on port 8081.

GitHub Issue #145

Tags

WAFweb application firewallsecurityAI defenseCDNsemantic engineHIPSRASP

Getting Started

1

Download installer

Click the button above to download the installer for your system

Visit Project Homepage
2

Install the software

Double-click the downloaded installer and follow the prompts

3

Step 1: Prepare a pure Linux x86_64 server with Docker CE ≥20.10.14 and Docker Compose ≥2.0.0

4

Step 2: Run one-click installer: sudo bash -c "$(curl -fsSL https://waf.uusec.com/installer.sh)"

5

Step 3: Manage container using bash /opt/waf/manager.sh (start/stop/update/uninstall)

Install Guide
  1. Step 1: Prepare a pure Linux x86_64 server with Docker CE ≥20.10.14 and Docker Compose ≥2.0.0
  2. Step 2: Run one-click installer: sudo bash -c "$(curl -fsSL https://waf.uusec.com/installer.sh)"
  3. Step 3: Manage container using bash /opt/waf/manager.sh (start/stop/update/uninstall)
File Integrity

Checksum not available

This project has not published a SHA-256 checksum on its GitHub Release page

SHA256 Checksum

No checksum available

Download directly from GitHub Releases and verify file integrity yourself

All SHA-256 checksums on this platform are extracted from the project's official GitHub Release page, without any modification. You can independently verify them on the GitHub Releases page.

Open Source Transparency

View GitHub Source
Environment Guide

Uninstall Info

Run bash /opt/waf/manager.sh and choose uninstall, or manually remove /opt/waf directory and related Docker containers/images.

No Extra Dependencies

Ready to use after download. No additional runtime required.

Project Info
LicenseOther
Last Updated2026-06-27 13:20:20
GitHub RepositoryOfficial Website

Having issues? Check the FAQ below

2 FAQs

Similar Projects

P

PowerToys

A set of utilities for power users to tune and streamline their Windows experience for greater productivity.

T

terminal

Modern, feature-rich terminal application for Windows command-line users, with tabs, GPU acceleration, and full customization.

C

core

Open source home automation that puts local control and privacy first. Perfect for Raspberry Pi or a local server.