Aiwaf: An AI-Powered Web Application Firewall for Django/Flask

1•aayushgauba•4mo ago

AIWAF is an open source Web Application Firewall built to go beyond static regex rules and simple rate limiting, which often break down when traffic patterns change or attackers adapt. Instead of relying only on hardcoded blacklists, AIWAF adds anomaly detection for abnormal request patterns, honeypot fields with timing analysis to catch bots, dynamic keyword detection to spot suspicious payloads that don’t appear on predefined lists, and adaptive IP/keyword blocking backed by CSV or database storage.

It currently works as middleware for Django and Flask and is meant to be easy to drop into existing projects without heavy configuration. The project is still early, and I’d love feedback from the community on what would make this better, whether the next focus should be deeper ML-based detection or support for additional frameworks, and how important integrations with existing tools like fail2ban or ModSecurity would be. Project site: https://aiwaf.org/

Comments

incomingpain•4mo ago

Found it on github, few months old now. Cool project.

Something I couldnt exactly see, which AI does it use? It seems more like a daily retraining on the box itself? Not a like openai or ollama type ai?

aayushgauba•4mo ago

Yep, good eye, AIWAF doesn’t use OpenAI/Ollama by default. The core AI right now is an Isolation Forest model for anomaly detection. It retrains locally (daily/weekly depending on your setup) on your own logs so it adapts to your traffic patterns without sending data off box.

The goal is privacy + lightweight, so it’s CPU friendly, keeps data in your infra, and you don’t need an external LLM

incomingpain•4mo ago

Interesting, I had vaguely heard of isolation forests before but dont think i understood their use.

Interesting projec, I wish you the best!

aayushgauba•4mo ago

Thanks a lot!

MS-DOS game copy protection and cracks

Updates on GNU/Hurd progress [video]

Epstein took a photo of his 2015 dinner with Zuckerberg and Musk

MyFlames: Visualize MySQL query execution plans as interactive FlameGraphs

Show HN: LLM of Babel

A modern iperf3 alternative with a live TUI, multi-client server, QUIC support

Famfamfam Silk icons – also with CSS spritesheet

Apple is the only Big Tech company whose capex declined last quarter

Reverse-Engineering Raiders of the Lost Ark for the Atari 2600

Show HN: Deterministic NDJSON audit logs – v1.2 update (structural gaps)

The Greater Copenhagen Region could be your friend's next career move

Do Not Confirm – Fiction by OpenClaw

The Analytical Profile of Peas

Hallucinations in GPT5 – Can models say "I don't know" (June 2025)

What AI is good for, according to developers

OpenAI might pivot to the "most addictive digital friend" or face extinction

Show HN: Know how your SaaS is doing in 30 seconds

ClawdBot Ordered Me Lunch

What the News media thinks about your Indian stock investments

Running Lua on a tiny console from 2001

Google and Microsoft Paying Creators $500K+ to Promote AI Tools

New filtration technology could be game-changer in removal of PFAS

Show HN: I saw this cool navigation reveal, so I made a simple HTML+CSS version

Kinda Surprised by Seadance2's Moderation

I Write Games in C (yes, C)

Django scales. Stop blaming the framework (part 1 of 3)

Malwarebytes Is Now in ChatGPT

Thoughts on the job market in the age of LLMs

Show HN: Stacky – certain block game clone

AIII: A public benchmark for AI narrative and political independence