Aiwaf: An AI-Powered Web Application Firewall for Django/Flask

1•aayushgauba•4mo ago

AIWAF is an open source Web Application Firewall built to go beyond static regex rules and simple rate limiting, which often break down when traffic patterns change or attackers adapt. Instead of relying only on hardcoded blacklists, AIWAF adds anomaly detection for abnormal request patterns, honeypot fields with timing analysis to catch bots, dynamic keyword detection to spot suspicious payloads that don’t appear on predefined lists, and adaptive IP/keyword blocking backed by CSV or database storage.

It currently works as middleware for Django and Flask and is meant to be easy to drop into existing projects without heavy configuration. The project is still early, and I’d love feedback from the community on what would make this better, whether the next focus should be deeper ML-based detection or support for additional frameworks, and how important integrations with existing tools like fail2ban or ModSecurity would be. Project site: https://aiwaf.org/

Comments

incomingpain•4mo ago

Found it on github, few months old now. Cool project.

Something I couldnt exactly see, which AI does it use? It seems more like a daily retraining on the box itself? Not a like openai or ollama type ai?

aayushgauba•4mo ago

Yep, good eye, AIWAF doesn’t use OpenAI/Ollama by default. The core AI right now is an Isolation Forest model for anomaly detection. It retrains locally (daily/weekly depending on your setup) on your own logs so it adapts to your traffic patterns without sending data off box.

The goal is privacy + lightweight, so it’s CPU friendly, keeps data in your infra, and you don’t need an external LLM

incomingpain•4mo ago

Interesting, I had vaguely heard of isolation forests before but dont think i understood their use.

Interesting projec, I wish you the best!

aayushgauba•4mo ago

Thanks a lot!

Show HN: 83K lines of C++ – cryptocurrency written from scratch, not a fork

Show HN: SAA – A minimal shell-as-chat agent using only Bash

Mario Tchou

Does Anyone Even Know What's Happening in Zim?

The last Morse code maritime radio station in North America [video]

Show HN: Hacker Newspaper – Yet another HN front end optimized for mobile

OpenClaw Is Changing My Life

Everything you need to know about lasers in one photo

SCOTUS to decide if 1988 video tape privacy law applies to internet uses

Epstein files reveal deeper ties to scientists than previously known

Red teamers arrested conducting a penetration test

Show HN: Open-source AI powered Kubernetes IDE

Show HN: Lucid – Use LLM hallucination to generate verified software specs

AI Doesn't Write Every Framework Equally Well

Aisbf – an intelligent routing proxy for OpenAI compatible clients

Let's handle 1M requests per second

OpenClaw Partners with VirusTotal for Skill Security

Goal: Ship 1M Lines of Code Daily

Show HN: Codex-mem, 90% fewer tokens for Codex

FastLangML: FastLangML:Context‑aware lang detector for short conversational text

LineageOS 23.2

Crypto Deposit Frauds

Substack makes money from hosting Nazi newsletters

Framing an LLM as a safety researcher changes its language, not its judgement

Are there anyone interested about a creator economy startup

Show HN: Skill Lab – CLI tool for testing and quality scoring agent skills

2003: What is Google's Ultimate Goal? [video]

Roger Ebert Reviews "The Shawshank Redemption"

Busy Months in KDE Linux

Zram as Swap