BunkerWeb
bunkerweb.io Self-HostedBunkerWeb is an open-source Next-Generation Web Application Firewall (WAF). It provides easy protection for your web services and is designed to remain secure by default. It integrates seamlessly with modern environments (Docker, Kubernetes, Linux, etc.).
- Homepage: bunkerweb.io
- GitHub: github.com/bunkerity/bunkerweb
- Web info: web-check.xyz/check/bunkerweb.io
BunkerWeb Source Code
Author
Description
🛡️ Open-source and cloud-native Web Application Firewall (WAF)
Homepage
https://www.bunkerweb.ioLicense
AGPL-3.0
Created
20 Aug 19
Last Updated
07 Jul 26
Latest version
Primary Language
Python
Size
917,267 KB
Stars
10,695
Forks
631
Watchers
10,695
Language Usage
Star History
Top Contributors
-
@TheophileDiot (6573)
-
@fl0ppy-d1sk (1979)
-
@syrk4web (877)
-
@dependabot[bot] (579)
-
@thelittlefireman (36)
-
@Hado-K3n (15)
-
@tomkolp (14)
-
@Anadris (12)
-
@Michal-Koeckeis-Fresel (10)
-
@lenglet-k (10)
-
@adren (7)
-
@Copilot (7)
-
@gin-gitaxias (7)
-
@wiseweb-works (4)
-
@Marvo2011 (4)
-
@mromanelli9 (3)
-
@jbbandos (3)
-
@Simonmiz (3)
-
@TomVivant (3)
-
@AxyFr (3)
-
@rayshoo (3)
-
@ajarmoszuk (3)
-
@sachin-vcs (3)
-
@Brawdunoir (2)
-
@spwoodcock (2)
-
@nimro27 (2)
-
@Crazy3lf (2)
-
@aptkzzz (1)
-
@vepito (1)
-
@peterkimzz (1)
-
@killmasta93 (1)
-
@jonas0b1011001 (1)
-
@immanuwell (1)
-
@harshadkhetpal (1)
-
@ZILosoft (1)
-
@Arakmar (1)
-
@PathToLife (1)
-
@Nakinox (1)
-
@Myzel394 (1)
-
@mevenG (1)
-
@Pizmovc (1)
-
@Kn-ut99 (1)
-
@eltociear (1)
-
@HongyiHank (1)
-
@FacundoAcevedo (1)
-
@ff6347 (1)
-
@cleverguns (1)
-
@Ablablab (1)
-
@kovacs-andras (1)
-
@aizatto (1)
Recent Commits
-
Théophile Diot (02 Jul 26)
Merge pull request #3694 from bunkerity/staging Road to 1.6.12 🚀
-
Théophile Diot (02 Jul 26)
Merge pull request #3693 from bunkerity/dev Merge branch "dev" into branch "staging"
-
TheophileDiot (02 Jul 26)
chore(docker): Fix misc CVEs
-
TheophileDiot (01 Jul 26)
deps: Updated LuaJIT version to v2.1-20260701
-
TheophileDiot (01 Jul 26)
deps: Updated Modsecurity version to v3.0.16
-
TheophileDiot (29 Jun 26)
chore(docker): update base images for RHEL 9 and 10 Dockerfiles
-
TheophileDiot (29 Jun 26)
fix(docker): update yq version to v4.50.1 in Dockerfile
-
Théophile Diot (29 Jun 26)
Merge pull request #3679 from bunkerity/dev Merge branch "dev" into branch "staging"
-
TheophileDiot (29 Jun 26)
Merge branch 'dev' of https://github.com/bunkerity/bunkerweb into dev
-
TheophileDiot (29 Jun 26)
docs(social): fix cropped logo in Open Graph preview cards
-
Théophile Diot (29 Jun 26)
Merge pull request #3677 from bunkerity/dependabot/github_actions/dev/stefanzweifel/git-auto-commit-action-7.2.0 deps/gha: bump stefanzweifel/git-auto-commit-action from 7.1.0 to 7.2.0
-
TheophileDiot (29 Jun 26)
fix(ui): preserve customizations on easy-mode template switch + sync multiselect display
-
TheophileDiot (29 Jun 26)
Update dependencies: regex to 2026.6.28, certifi to 2026.6.17, click to 8.4.2, and hpack to 4.2.0
-
dependabot[bot] (29 Jun 26)
deps/gha: bump stefanzweifel/git-auto-commit-action from 7.1.0 to 7.2.0 Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 7.1.0 to 7.2.0. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/stefanzweifel/git-auto-commit-action/compare/04702edda442b2e678b25b537cec683a1493fcb9...4a55954c782fc1ea30b9056cd3e7a2b40ca8887d) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
-
Théophile Diot (26 Jun 26)
Merge pull request #3675 from bunkerity/dev Merge branch "dev" into branch "staging"
-
Théophile Diot (26 Jun 26)
Merge pull request #3671 from bunkerity/dependabot/github_actions/dev/github/codeql-action-4.36.2 deps/gha: bump github/codeql-action from 3.36.2 to 4.36.2
-
Théophile Diot (26 Jun 26)
Merge pull request #3672 from bunkerity/dependabot/github_actions/dev/azure/setup-helm-5.0.1 deps/gha: bump azure/setup-helm from 5.0.0 to 5.0.1
-
Théophile Diot (26 Jun 26)
Merge pull request #3673 from bunkerity/dependabot/github_actions/dev/github/codeql-action/upload-sarif-4.36.2 deps/gha: bump github/codeql-action/upload-sarif from 3.36.2 to 4.36.2
-
TheophileDiot (26 Jun 26)
docs(plugins): add Authentik, Cloudflare, Matrix to official plugins list
-
dependabot[bot] (26 Jun 26)
deps/gha: bump github/codeql-action/upload-sarif from 3.36.2 to 4.36.2 Bumps [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) from 3.36.2 to 4.36.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3.36.2...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) --- updated-dependencies: - dependency-name: github/codeql-action/upload-sarif dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
-
dependabot[bot] (25 Jun 26)
deps/gha: bump azure/setup-helm from 5.0.0 to 5.0.1 Bumps [azure/setup-helm](https://github.com/azure/setup-helm) from 5.0.0 to 5.0.1. - [Release notes](https://github.com/azure/setup-helm/releases) - [Changelog](https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md) - [Commits](https://github.com/azure/setup-helm/compare/dda3372f752e03dde6b3237bc9431cdc2f7a02a2...9bc31f4ebc9c6b171d7bfbaa5d006ae7abdb4310) --- updated-dependencies: - dependency-name: azure/setup-helm dependency-version: 5.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
-
dependabot[bot] (25 Jun 26)
deps/gha: bump github/codeql-action from 3.36.2 to 4.36.2 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.36.2 to 4.36.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3.36.2...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
-
Théophile Diot (24 Jun 26)
Merge pull request #3655 from bunkerity/dependabot/github_actions/dev/actions/checkout-7.0.0 deps/gha: bump actions/checkout from 6.0.3 to 7.0.0
-
Théophile Diot (24 Jun 26)
Merge pull request #3661 from bunkerity/dependabot/github_actions/dev/ruby/setup-ruby-1.314.0 deps/gha: bump ruby/setup-ruby from 1.313.0 to 1.314.0
-
Théophile Diot (24 Jun 26)
Merge pull request #3662 from bunkerity/dependabot/github_actions/dev/softprops/action-gh-release-3.0.1 deps/gha: bump softprops/action-gh-release from 3.0.0 to 3.0.1
-
Théophile Diot (24 Jun 26)
Merge pull request #3665 from bunkerity/dependabot/github_actions/dev/actions/setup-python-6.3.0 deps/gha: bump actions/setup-python from 6.2.0 to 6.3.0
-
TheophileDiot (24 Jun 26)
chore: Update Trivy configuration to ignore unfixed vulnerabilities and clarify ignore file comments
-
TheophileDiot (24 Jun 26)
chore: Move DOCKER_BUILD_SUMMARY environment variable to build steps for better control
-
TheophileDiot (24 Jun 26)
chore: Enhance Trivy integration with summary template and update workflow environment variables
-
TheophileDiot (24 Jun 26)
chore: Update workflows to allow all legs to run for Trivy SARIF uploads and add Python package ignore policy
BunkerWeb Security
Security Advisories (2)
- low Patched CVSS 3.5
CVE-2025-8066 CVE-2025-8066 – Open Redirect vulnerability in BunkerWeb UI 1.6.X (< 1.6.4)
- low Patched
CVE-2024-53264 Open Redirect Vulnerability in Loading Page
BunkerWeb Website
Website
BunkerWeb - The open-source Web Application Firewall (WAF)
Fool attackers and protect your web services with BunkerWeb, the open-source and next-gen Web Application Firewall (WAF).
Redirects
Does not redirect
Security Checks
All 65 security checks passed
Server Details
- IP Address 51.159.125.247
- Hostname 51-159-125-247.rev.poneytelecom.eu
- Location Paris, Ile-de-France, France, EU
- ISP Scaleway SAS
- ASN AS12876
Associated Countries
-
FR -
NL
Safety Score
Website marked as safe
100%
Blacklist Check
www.bunkerweb.io was found on 0 blacklists
- AntiSocial Blacklist
- Artists Against 419
- Badbitcoin
- Bambenek Consulting
- CERT Polska
- CoinBlockerLists
- CRDF
- CryptoScamDB
- EtherAddressLookup
- EtherScamDB
- Fake Website Buster
- MetaMask EthPhishing
- NABP Not Recommended Sites
- OpenPhish
- PetScams
- PhishFeed
- PhishFort
- Phishing.Database
- PhishStats
- PhishTank
- Phishunt
- RPiList Not Serious
- Scam.Directory
- SecureReload Phishing List
- Spam404
- StopGunScams
- Suspicious Hosting IP
- ThreatFox
- ThreatLog
- TweetFeed
- URLhaus
- ViriBack C2 Tracker
Website Preview
BunkerWeb Reviews
More Firewalls
-
AFWall+
(Android - Rooted)
xdaforums.com/t/5-0-root-3-6-0-afwall-iptables-firewall-28-aug-2023.1957231Android Firewall+ (AFWall+) is an advanced iptables editor (GUI) for rooted Android devices, which provides very fine-grained control over which Android apps are allowed to access the network.
-
Open source GUI firewall for Linux, allowing you to block internet access for certain applications. Supports both simple and advanced mode, GUI and CLI options, very easy to use, lightweight/ low-overhead, under active maintenance and backed by a strong community.
-
IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux. Easy to install on a raspberry Pi, since it is lightweight and heavily customizable.
-
A very polished application firewall, allowing you to easily manage internet connections on a per-app basis. (Mac OS)
Not Open Source -
Firewall app for iPhone, allowing you to block any connection to any domain.
Not Open Source -
Free, open source macOS firewall. It aims to block unknown outgoing connections, unless explicitly approved by the user.
-
Provides simple and advanced ways to block access to the internet. Applications and addresses can individually be allowed or denied access to Wi-Fi and/or mobile connection.
-
Makes internet connections from all apps visible, allowing you to block or manage traffic on a per-app basis. GNU/Linux port of the Little Snitch application firewall.
-
Enterprise firewall and router for protecting networks, built on the FreeBSD system.
-
An open-source ad-blocker and firewall app for Android 6+ (does not require root).
-
An open source firewall tool for Linux that builds upon the Netfilter system built into the Linux kernel, making it easier to manage more complex configuration schemes with iptables.
-
Tool to control Windows Filtering Platform (WFP), in order to configure detailed network activity on your PC. (Windows)
-
The ufw (Uncomplicated Firewall) is a GUI application and CLI, that allows you to configure a firewall using
iptablesmuch more easily.
About the Data: BunkerWeb
Change History
- Added #378
API
You can access BunkerWeb's data programmatically via our API. Simply make a GET request to:
https://api.awesome-privacy.xyz/v1/services/bunkerweb The REST API is free, no-auth and CORS-enabled. To learn more, view the API Docs or read the API Usage Guide.
Share BunkerWeb
Help your friends compare Firewalls, and pick
privacy-respecting software and services.
Share BunkerWeb and Awesome Privacy with your network!