MCPcopy Index your code
hub / github.com/bunkerity/bunkerweb

github.com/bunkerity/bunkerweb @v1.6.12 sqlite

repository ↗ · DeepWiki ↗ · release v1.6.12 ↗
8,995 symbols 36,073 edges 844 files 1,887 documented · 21%
README
<img alt="BunkerWeb logo" src="https://github.com/bunkerity/bunkerweb/raw/v1.6.12/misc/logo.png" height=100 width=350 />







<img src="https://img.shields.io/github/v/release/bunkerity/bunkerweb?label=stable" />
<img src="https://img.shields.io/github/v/release/bunkerity/bunkerweb?include_prereleases&label=latest" />



<img src="https://img.shields.io/github/last-commit/bunkerity/bunkerweb" />
<img src="https://img.shields.io/github/issues/bunkerity/bunkerweb">
<img src="https://img.shields.io/github/issues-pr/bunkerity/bunkerweb">



<img src="https://img.shields.io/github/actions/workflow/status/bunkerity/bunkerweb/dev.yml?branch=dev&label=CI%2FCD%20dev" />
<img src="https://img.shields.io/github/actions/workflow/status/bunkerity/bunkerweb/staging.yml?branch=staging&label=CI%2FCD%20staging" />



<a href="https://www.bestpractices.dev/projects/8001">
    <img src="https://www.bestpractices.dev/projects/8001/badge">
</a>
<a href="https://gitrated.com/bunkerity/bunkerweb"><img src="https://gitrated.com/bunkerity/bunkerweb/badge" alt="GitRated rating" /></a>



<a href="https://www.star-history.com/bunkerity/bunkerweb">









    <img alt="Star History Rank" src="https://api.star-history.com/badge?repo=bunkerity/bunkerweb" width=140 />



</a>







🌐 <a href="https://www.bunkerweb.io/?utm_campaign=self&utm_source=github">Website</a>
 &#124;
🤝 <a href="https://panel.bunkerweb.io/?utm_campaign=self&utm_source=github">Panel</a>
 &#124;
📓 <a href="https://docs.bunkerweb.io/?utm_campaign=self&utm_source=github">Documentation</a>
 &#124;
👨‍💻 <a href="https://demo.bunkerweb.io/?utm_campaign=self&utm_source=github">Demo</a>
 &#124;
📱 <a href="https://demo-ui.bunkerweb.io/?utm_campaign=self&utm_source=github">Demo UI</a>
 &#124;
🧩 <a href="https://github.com/bunkerity/bunkerweb-templates">Templates</a>
 &#124;
🛡️ <a href="https://github.com/bunkerity/bunkerweb/raw/v1.6.12/examples">Examples</a>



💬 <a href="https://discord.com/invite/fTf46FmtyD">Chat</a>
 &#124;
📝 <a href="https://github.com/bunkerity/bunkerweb/discussions">Forum</a>
 &#124;
📝 <a href="https://community.bunkerweb.io/?utm_campaign=self&utm_source=github">Community</a>
 &#124;
🗺️ <a href="https://www.bunkerweb.io/threatmap/?utm_campaign=self&utm_source=github">Threatmap</a>
&#124;
📊 <a href="https://status.bunkerweb.io/?utm_campaign=self&utm_source=github">Status</a>
&#124;
🔎 <a href="https://forms.gle/e3VgymAteYPnwM1j9">Feedback</a>

🛡️ Make security by default great again!

BunkerWeb

<img alt="Overview banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.6.12/docs/assets/img/intro-overview.svg" />

BunkerWeb is a next-generation, open-source Web Application Firewall (WAF).

Being a full-featured web server (based on NGINX under the hood), it will protect your web services to make them "secure by default." BunkerWeb integrates seamlessly into your existing environments (Linux, Docker, Swarm, Kubernetes, …) as a reverse proxy and is fully configurable (don't panic, there is an awesome web UI if you don't like the CLI) to meet your own use cases. In other words, cybersecurity is no longer a hassle.

BunkerWeb contains primary security features as part of the core but can be easily extended with additional ones thanks to a plugin system.

Why BunkerWeb?

https://github.com/user-attachments/assets/c3fed740-28d8-4335-ab05-113a9e815b4f

  • Easy integration into existing environments: Seamlessly integrate BunkerWeb into various environments such as Linux, Docker, Swarm, Kubernetes, and more. Enjoy a smooth transition and hassle-free implementation.
  • Highly customizable: Tailor BunkerWeb to your specific requirements with ease. Enable, disable, and configure features effortlessly, allowing you to customize the security settings according to your unique use case.
  • Secure by default: BunkerWeb provides out-of-the-box, hassle-free minimal security for your web services. Experience peace of mind and enhanced protection right from the start.
  • Awesome web UI: Take control of BunkerWeb more efficiently with the exceptional web user interface (UI). Navigate settings and configurations effortlessly through a user-friendly graphical interface, eliminating the need for the command-line interface (CLI).
  • Plugin system: Extend the capabilities of BunkerWeb to meet your own use cases. Seamlessly integrate additional security measures and customize the functionality of BunkerWeb according to your specific requirements.
  • Free as in "freedom": BunkerWeb is licensed under the free AGPLv3 license, embracing the principles of freedom and openness. Enjoy the freedom to use, modify, and distribute the software, backed by a supportive community.
  • Professional services: Get technical support, tailored consulting, and custom development directly from the maintainers of BunkerWeb. Visit the Bunker Panel for more information.

Security features

A non-exhaustive list of security features:

  • HTTPS support with transparent Let's Encrypt automation
  • State-of-the-art web security: HTTP security headers, prevent leaks, TLS hardening, ...
  • Integrated ModSecurity WAF with the OWASP Core Rule Set
  • Automatic ban of strange behaviors based on HTTP status codes
  • Apply connection and request limits for clients
  • Block bots by asking them to solve a challenge (e.g., cookie, JavaScript, captcha, hCaptcha, or reCAPTCHA)
  • Block known bad IPs with external blacklists and DNSBL
  • And much more...

Learn more about the core security features in the security tuning section of the documentation.

Demo

https://github.com/user-attachments/assets/6fc0e3c1-d353-4a84-bad0-15bf9b6623a5

A demo website protected with BunkerWeb is available at demo.bunkerweb.io. Feel free to visit it and perform some security tests.

Web UI

https://github.com/user-attachments/assets/a3ed56f8-c124-4ca9-b8b3-4be0913b3078

BunkerWeb offers an optional user interface to manage your instances and their configurations. An online read-only demo is available at demo-ui.bunkerweb.io, feel free to test it yourself.

BunkerWeb Cloud

Don't want to self-host and manage your own BunkerWeb instance(s)? You might be interested in BunkerWeb Cloud, our fully managed SaaS offering for BunkerWeb.

Order your BunkerWeb Cloud instance and get access to:

  • A fully managed BunkerWeb instance hosted in our cloud
  • All BunkerWeb features, including PRO ones
  • A monitoring platform with dashboards and alerts
  • Technical support to assist you with configuration

If you are interested in the BunkerWeb Cloud offering, don't hesitate to contact us so we can discuss your needs.

PRO version

Want to quickly test BunkerWeb PRO for one month? Use the code freetrial when placing your order on the BunkerWeb panel or by clicking here to directly to apply the promo code (will be effective at checkout).

When using BunkerWeb, you have the choice of the version you want to use: open-source or PRO.

Whether it's enhanced security, an enriched user experience, or technical monitoring, the BunkerWeb PRO version allows you to fully benefit from BunkerWeb and meet your professional needs.

In the documentation or the user interface, PRO features are annotated with a crown crown pro icon to distinguish them from those integrated into the open-source version.

You can upgrade from the open-source version to the PRO one easily and at any time. The process is straightforward:

Do not hesitate to visit the BunkerWeb panel or contact us if you have any questions regarding the PRO version.

Professional services

Get the most out of BunkerWeb by getting professional services directly from the maintainers of the project. From technical support to tailored consulting and development, we are here to assist you in the security of your web services.

You will find more information by visiting the BunkerWeb Panel, our dedicated platform for professional services.

Don't hesitate to contact us if you have any questions; we will be more than happy to respond to your needs.

Ecosystem, community, and resources

Official websites, tools, and resources about BunkerWeb:

  • Website: get more information, news, and articles about BunkerWeb
  • Panel: dedicated platform to order and manage professional services (e.g., technical support) around BunkerWeb
  • Documentation: technical documentation of the BunkerWeb solution
  • Demo: demonstration website of BunkerWeb, don't hesitate to attempt attacks to test the robustness of the solution
  • Web UI: online read-only demo of the web UI of BunkerWeb
  • Threatmap: live cyber attack blocked by BunkerWeb instances all around the world

Community and social networks:

Concepts

<img alt="Concepts banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.6.12/docs/assets/img/concepts.svg" />

You will find more information about the key concepts of BunkerWeb in the documentation.

Integrations

The first concept is the integration of BunkerWeb into the target environment. We prefer to use the word "integration" instead of "installation" because one of the goals of BunkerWeb is to integrate seamlessly into existing environments.

The following integrations are officially supported:

Settings

Once BunkerWeb is integrated into your environment, you will need to configure it to serve and protect your web applications.

The configuration of BunkerWeb is done by using what we call the "settings" or "variables." Each setting is identified by a name such as AUTO_LETS_ENCRYPT or USE_ANTIBOT. You can assign values to the settings to configure BunkerWeb.

Here is a dummy example of a BunkerWeb configuration:

SERVER_NAME=www.example.com
AUTO_LETS_ENCRYPT=yes
USE_ANTIBOT=captcha
REFERRER_POLICY=no-referrer
USE_MODSECURITY=no
USE_GZIP=yes
USE_BROTLI=no

Multisite mode

The multisite mode is a crucial concept to understand when using BunkerWeb. Because the goal is to protect web applications, we intrinsically inherit the concept of "virtual host" or "vhost" (more info [here

Extension points exported contracts — how you extend this code

PreparedDictionary (Interface)
Prepared dictionary data provider. [5 implementers]
src/deps/src/brotli/java/org/brotli/enc/PreparedDictionary.java
BrotliDecodeOptions (Interface)
(no doc)
src/deps/src/brotli/js/decode.ts

Core symbols most depended-on inside this repo

push
called by 1387
src/deps/src/brotli/java/org/brotli/wrapper/dec/DecoderJNI.java
warning
called by 488
src/deps/src/mbedtls/tf-psa-crypto/framework/scripts/mbedtls_framework/outcome_analysis.py
info
called by 449
src/deps/src/mbedtls/tf-psa-crypto/framework/scripts/mbedtls_framework/outcome_analysis.py
t
called by 399
src/ui/app/static/js/pages/home.js
e
called by 358
src/ui/app/static/libs/ace/src-min/ace.js
decode
called by 309
src/deps/src/brotli/java/org/brotli/wrapper/dec/Decoder.java
min
called by 297
src/deps/src/brotli/java/org/brotli/dec/Utils.java
filter
called by 271
src/api/utils/logger.py

Shape

Function 4,316
Method 3,715
Class 767
Route 178
Struct 10
Enum 5
Interface 2
TypeAlias 2

Languages

TypeScript49%
Python44%
Java5%
Go3%

Modules by API surface

src/ui/app/static/libs/apexcharts/apexcharts.min.js1,299 symbols
src/ui/app/static/libs/lottie-player/lottie-player.min.js577 symbols
src/ui/app/static/libs/bootstrap/bootstrap.bundle.min.js392 symbols
src/deps/src/brotli/research/brotlidump.py196 symbols
src/ui/app/static/libs/i18next/i18next.min.js154 symbols
src/ui/app/static/libs/ace/src-min/keybinding-vim.js151 symbols
src/ui/app/static/js/pages/template_edit.js139 symbols
src/ui/app/static/libs/datatables/datatables.min.js136 symbols
src/deps/src/mbedtls/tf-psa-crypto/framework/scripts/test_generate_test_code.py117 symbols
src/ui/app/static/libs/leaflet/leaflet.min.js106 symbols
src/ui/app/static/libs/jquery/jquery.min.js91 symbols
src/deps/src/brotli/js/decode.ts78 symbols

Dependencies from manifests, versioned

junit:junit4.13.2 · 1×
org.brotli:dec1.2.0-SNAPSHOT · 1×
cssnano8.0.2 · 1×
html-minifier-terser7.2.0 · 1×
postcss8.5.15 · 1×
postcss-cli11.0.1 · 1×
puppeteer24.8.2 · 1×
uglify-js3.19.3 · 1×
yargs8.0.2 · 1×
Flask3.1.3 · 1×
Flask-Login0.6.3 · 1×
Flask-WTF1.3.0 · 1×

Datastores touched

(mysql)Database · 1 repos
dbDatabase · 1 repos
dbDatabase · 1 repos
bunkerwebDatabase · 1 repos
bunkerwebDatabase · 1 repos
bw_dbDatabase · 1 repos

For agents

$ claude mcp add bunkerweb \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact