> Whether it's enhanced security, an enriched user experience, or technical supervision, the BunkerWeb PRO version will allow you to fully benefit from BunkerWeb and respond to your professional needs.
Is it open core? I see that the license is AGPL. Can I just edit the code to enable the "pro" features, or are they in another repo?
"enhanced security" sounds a bit like the open source version is gutted to encourage people paying for it. If so, it's a bit of a shame. Wouldn't it be better if everyone used this WAF and the web would be as secure as possible for everyone?
You are right, this is an open-core model. The PRO features are proprietary and, to be precise, they are actually modules that integrate into the core of the solution. In addition to these features, the PRO version gives you access to technical support.
We completely agree with you that BunkerWeb can be used by everyone to make the web more secure. We sincerely believe that the features offered in the community version contribute significantly to this goal. Thank you for your feedback.
The BunkerNet feature is completely optional. You can disable it at any time; however, you will not be able to take advantage of crowdsourcing on threats if you do so. More information here: https://docs.bunkerweb.io/latest/security-tuning/#bunkernet
Enterprises pay a shitload of cash for that functionality of commercial WAF systems. Some allow that at a lower cost if you send your own data, and more expensive if you don't.
I'll have to check it out! The popular option for homelab or other indie scale is to just use Cloudflare's free-tier setup, which includes WAF, but I see a privacy hole where Cloudflare needs to see your unencrypted HTTP traffic so that they can apply their WAF rules.
I've also been checking out CrowdSec. I appreciate its modular architecture but it definitely deviates away from the folks that just want to expose an HTTP service and get on with their lives. I've enjoyed the Caddy server for this reason, but yeah, not as secure-as-default when it comes to attacks a WAF would mitigate.
Is this just Lua modules? What's the performance hit like vs a fresh install of nginx? What's the performance like on something like ten thousand server blocks?
Performance will indeed decrease compared to a web server without security features. However, this largely depends on the BunkerWeb features you choose to enable.
Can it be integrated with an existing large nginx config with multiple domains, server and client certificates, websockets, other custom settings and different apps deployed with ansible or does it need to run the nginx process by itself?
I recently joined a new company, and one of my first tasks is to secure a simple web API using a WAF. I'd like to explore some free and open-source options to help our office avoid licensing headaches. Do you have any recommendations?
I agree it might not be worth promoting as a main feature at all. But from experience, there are users that will be very vocal about it and request a dark mode.
ThinkBeat|1 year ago
A commercial closed-source web application firewall, where some parts / features are open source and free.
Promium sourced web application firewall.
brunoqc|1 year ago
bnkty|1 year ago
panarky|1 year ago
So this sketchy looking thing is also equipped with telemetry that phones home all the time?
No thanks.
bnkty|1 year ago
szszrk|1 year ago
unethical_ban|1 year ago
tegiddrone|1 year ago
mekster|1 year ago
canadiantim|1 year ago
bnkty|1 year ago
softwreoutthere|1 year ago
bnkty|1 year ago
KomoD|1 year ago
bnkty|1 year ago
runekaagaard|1 year ago
bnkty|1 year ago
Maybe you can join our Discord to discuss further about your use case.
zirkuswurstikus|1 year ago
johnchristopher|1 year ago
bnkty|1 year ago
Please note that we plan to improve it in the future with automation.
ThinkBeat|1 year ago
You could dark mode application in X Windows way back in the day with just a bit of configuration.
This may be two style sheets you can swap between or whatever. It is not impressive.
What about "Blue letters available" ohhhh .
I keep seeing apps being updated and the major change being "dark mode now available".
smashed|1 year ago
fifteen1506|1 year ago
bnkty|1 year ago