aspwaf/Walter.Web.FireWallv2025.9.1452
✓ Verified.NET 8.0.NET 8.0-windows7.0.NET 9.0.NET 9.0-windows7.0
Enhance .NET applications with a robust firewall, designed as middleware and IActionFilter, protecting against CVE attacks, web scraping, and phishing. Configurable via annotations and a rule engine services.AddFireWall(FireWallTrial.License, FireWallTrial.DomainKey , domainName: new Uri("https://www.your-domain.com", UriKind.Absolute) , options => { //your options }); Have a look at the GitHub samples at https://github.com/ASP-WAF/FireWall and https://github.com/ASP-WAF/FireWall/wiki to see how to use the firewall in applications. You can view the firewall in action using https://www.asp-waf.com/Firewall You can get started with the firewall using the samples shown in https://www.asp-waf.com/download/ASP-WAF-FireWall-Getting-Started.pdf as well as the on line documentation at https://firewallapi.asp-waf.com/
Get Started
$ dotnet add package Walter.Web.FireWallReadme
How to get started
This package allows you to protect your firewall using annotations and pre-specified rules. A full getting started document is available at www.asp-waf.com in form of a PDF, compiled help
Unsupported You can't deploy the firewall as an embedded dll in a single file deployment as the firewall will validate the code signing certificate of the assembly. Make sure that you exclude Walter.Web.Firewall.dll from your deploy, for help see the documentation
Get started
The below sample shows how you integrate and enable the firewall in your project.
services.AddFireWall(options =>
{
//generate access specify to generate a .connect file that can be used with the remote desktop management software (open source)
options.Administration.GenerateConnectFile = true;
options.Administration.DisplayName = "My HomePage";
//white list IP addresses,and block all other or leave blank to allow all IP will accept single IP, IP with CIDR, or IP with subnet mask
//options.Administration.WhiteList("84.195.151.208", "81.206.151.236", "10.0.0.1-255.255.255.0");
options.Administration.Users.Seed(userName: "admin", password: "pa$$word1234", access: AdminAccess.Full, GeoLocation.EUROPE);
options.Administration.Users.GuestAccess(GeoLocation.ALL);
options.FireWallMode = Walter.Web.FireWall.FireWallProtectionModes.WebSiteWithApi;
options.ProtectedEndPointTypes.Add(typeof(BaseController));
options.TrackUsers = true;
options.Cashing.GeoLocation.SlidingExpiration = TimeSpan.FromMinutes(20);
options.ContactDetails.Address = "Your address";
options.ContactDetails.EMail = "support@myDomain.com";
options.ContactDetails.Name = "Support";
options.ContactDetails.Phone = "+352 1111 2222 3333";
options.ContactDetails.Country = GeoLocation.Luxembourg;
options.Rules.AllowNonAspNetRequests = 1;
options.Rules.AllowNonAspNetRequestsIn = TimeSpan.FromMinutes(20);
options.Rules.RedirectNonAspNetRequestsTo = new Uri("/Home/Blocked", UriKind.Relative);
options.Rules.RedirectUrlPhishingTo = new Uri("/Home/404", UriKind.Relative);
options.Rules.AllowWhiteListing = false;
options.Rules.PhysicalFileWallExcludeReasons = Walter.BOM.FirewallBlockReasons.ALL & ~Walter.BOM.FirewallBlockReasons.NoAccessFromRegion;
options.Rules.BlockRequest.BlockDuration.SlideExpiration = true;
options.Rules.BlockRequest.BlockDuration.Expires = TimeSpan.FromSeconds(10);
options.Rules.AllowWhiteListing = false;
options.Rules.Headers.AddDefaultSecurePolicy()
.AddStrictTransportSecurityNoCache()
.AddXssProtectionBlockAndReport()
.AddFrameOptionsDeny()
.AddContentSecurityPolicyButTrust(trustingSites: Walter.Web.FireWall.TrustingSites.Self | Walter.Web.FireWall.TrustingSites.SubDomains | Walter.Web.FireWall.TrustingSites.GenerateNonce, allowInline:false)
;
})
.UseDatabase(DatabaseConnections.FireWallState, "dbo", TimeSpan.FromDays(365))
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseFireWall(enablePortScannerListners: false)//set to true if you use honey-pot configuration nuget package walter.net.honeypot
.UseSecurityHeadersMiddleware();
}