Add WAF rules to block known bots and malicious traffic for Django applications. Provides easy integration with popular WAF services like Cloudflare.

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for adamghill from gravatar.com adamghill

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Adam Hill
  • Tags django , waf , security , cloudflare
  • Requires: Python >=3.10
Classifiers
Report project as malware

Project description

dj-waf 🙅

Add WAF rules to block known bots and malicious traffic for Django applications

Provides easy integration with popular WAF services like Cloudflare.

Features 🤩

  • Create WAF rules in Cloudflare directly from Django.

Installation

pip install dj-waf

OR

uv add dj-waf

Usage

  1. Add the app to your INSTALLED_APPS in settings.py:
INSTALLED_APPS = [
    ...
    "dj_waf",
]
  1. Configure your WAF settings in settings.py:
# settings.py

WAF = {
    "default": {
        "BACKEND": "dj_waf.backends.cloudflare.CloudflareBackend",
        "OPTIONS": {
            "apikey": "cloudflare-waf-api-key",
            "domain": "your-example-domain.com",
            "rules": [
                {
                    "description": "dj-waf",
                    "expression": '(http.request.uri.path wildcard r"/wp-*") or (http.request.uri.path wildcard r"/*wp-*") or (http.request.uri.path wildcard r"/wordpress*") or (http.request.uri.path wildcard r"/*wordpress*") or (http.request.uri.path wildcard r"*.php") or (http.request.uri.path eq "/.env") or (http.request.uri.path wildcard r"/admin/*")',
                    "action": "block",
                    "enabled": True,
                }
            ],
        },
    },
}
  1. Then run the management command to apply the rules:
python manage.py create_waf_rules

The command will create WAF rules in your configured WAF provider (e.g., Cloudflare) based on the rules defined in your WAF settings.

Create Cloudflare API

  1. Go to https://dash.cloudflare.com/profile/api-tokens
  2. Click Create Token
  3. Scroll to the bottom and click Get started in the "Create Custom Token" section
  4. In the Permissions area, select Zone, Zone Settings, Read
  5. Click Add more
  6. Select Zone, Zone WAF, Edit
  7. Click Continue to summary
  8. Click Create Token
  9. Copy API token from User API Tokens page

Available Backends

  • cloudflare

Test 🧪

  1. uv install pip install -e .[dev]
  2. just test

Contributing 🤝

Contributions are welcome! Please feel free to submit a Pull Request.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for adamghill from gravatar.com adamghill

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Adam Hill
  • Tags django , waf , security , cloudflare
  • Requires: Python >=3.10
Classifiers

Release history Release notifications | RSS feed

This version

0.2.0

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dj_waf-0.2.0.tar.gz (4.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

dj_waf-0.2.0-py3-none-any.whl (6.3 kB view details)

Uploaded Python 3

File details

Details for the file dj_waf-0.2.0.tar.gz.

File metadata

  • Download URL: dj_waf-0.2.0.tar.gz
  • Upload date:
  • Size: 4.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for dj_waf-0.2.0.tar.gz
Algorithm Hash digest
SHA256 f8c829b01fa8df7a867f59294d9a9a87aa7342f4eda7d4c37c11921d73517363
MD5 2175cfedc88a54cd77791f072ea85453
BLAKE2b-256 202c99af512da36d8c62be7425cf81cb529bc5db4ed6c73bd1477f1a3259ed2c

See more details on using hashes here.

Provenance

The following attestation bundles were made for dj_waf-0.2.0.tar.gz:

Publisher: publish.yml on adamghill/dj-waf

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file dj_waf-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: dj_waf-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 6.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for dj_waf-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 15b0eb88e165f2375bf884c0704872938531ed803c09fa7be2c7c6156482cda6
MD5 19c569e16acb2257d3bedcefaa06eeda
BLAKE2b-256 0fee4f1102acbe728401f69068c6fb3d3b28c67c56b79458b65de48891893691

See more details on using hashes here.

Provenance

The following attestation bundles were made for dj_waf-0.2.0-py3-none-any.whl:

Publisher: publish.yml on adamghill/dj-waf

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page