Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

wafris

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

wafris

Wafris is an open-source Web Application Firewall (WAF) that runs within your Node web application (and other frameworks) powered by Redis.

latest
npmnpm
Version
0.0.2
Version published
Weekly downloads
6
20%
Maintainers
1
Weekly downloads
 
Created
Source

Wafris for Node Express

Wafris is an open-source Web Application Firewall (WAF) that runs within your Node web application (and other frameworks) powered by Redis.

Paired with Wafris Hub, you can create rules to block malicious traffic from hitting your application.

Rules and Graph

Rules like:

  • Block IP addresses (IPv6 and IPv4) from making requests
  • Block on hosts, paths, user agents, parameters, and methods
  • Rate limit (throttle) requests
  • Visualize inbound traffic and requests

Need a better explanation? Read the overview at: wafris.org

Installation and Configuration

The Wafris Node package creates a middleware function that communicates with a Redis instance that you can insert into your Express application's middleware stack.

Requirements

Setup

1. Connect on Wafris Hub

Go to https://wafris.org/hub to create a new account and follow the instructions to link your Redis instance.

Note: In Step 3, you'll use this same Redis URL in your app configuration.

2. Add the middleware to your application

Use your preferred package manager to add node-wafris. For instance, using npm

npm install https://github.com/Wafris/node-wafris.git

3. Initialize the middleware

Using the node-wafris middleware is fairly straightforward. Simply invoke the library's exported function with a configuration and use the returned middleware function in your Express application:

Note: We recommend storing the Redis URL as an environment variable or in a secret management system of your choosing rather than hard coding the string in the initializer.

import express from "express";
import wafrisMiddleware from "wafris";

const app = express();
const redisUrl = process.env.REDIS_URL || "redis://localhost:6379";

const wafrisConfig = { redisUrl };
const wafris = await wafrisMiddleware(wafrisConfig);

app.use("/", wafris);

A few configuration properties are available and all have sensible defaults. See the WafrisConfig type definition for the full list.

Not sure what Redis provider to use? Please read our Wafris Redis Providers Guide

FAQs

Package last updated on 14 Aug 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains

Research

SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains

An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

By Socket Research Team  -  Feb 20, 2026
Socket Joins the OpenJS Foundation

Company News

Socket Joins the OpenJS Foundation

Socket is proud to join the OpenJS Foundation as a Silver Member, deepening our commitment to the long-term health and security of the JavaScript ecosystem.

By Sarah Gooding  -  Feb 19, 2026