/janusec

Janusec Application Gateway, an application security solution which provides WAF (Web Application Firewall), CC attack defense, OAuth2 Authentication, private key protection, Web SSH operation, Web routing and scalable load balancing. JANUSEC应用网关,提供WAF、CC攻击防御、OAuth2身份认证、统一Web化管理入口、证书私钥保护、Web SSH安全运维,Web路由以及可扩展的负载均衡等功能。

Primary LanguageGoOtherNOASSERTION

Janusec Application Gateway   Tweet

Build Status

README | README中文版

Build Scalable Application Security Infrastructures

Janusec Application Gateway

Janusec Application Gateway, an application security solution which provides WAF (Web Application Firewall), CC attack defense, unified web administration portal, private key protection, web routing and scalable load balancing. With Janusec, you can build secure and scalable applications.

Key Features

  • WAF (Web Application Firewall), block SQL Injection, Cross-site Scripting, Sensitive Data Leakage, CC Attacks etc.
  • Group Policy (Cooperation with Multiple Check Points)
  • CAPTCHA support
  • Unified Web Administration, include Web SSH operation
  • OAuth2 support
  • HTTPS support, No Agent Required.
  • Certificate Protection with Private Key Encrypted Storage
  • Scalable Architecture, Load Balance and Multiple Nodes Support

Screenshots

SQL Injection Screenshot

Janusec Application Gateway Screenshot

Sensitive Data Leakage Screenshot

Janusec Application Gateway Screenshot

Product Web Site

https://janusec.github.io/

Detailed documentation is available at Janusec Application Gateway Documentation.

Requirements

  • PostgreSQL 9.3~9.6 or 10 (Required by Development and Master Node of Deployment)
  • CentOS/RHEL 7, Debian 9
  • systemd
  • Golang 1.14+ (Required by Development Only)

Quick Start for Deployment

https://janusec.github.io/documentation/quick-start/

Quick Start for Developer

go get -u github.com/Janusec/janusec
cd $GOPATH/src/github.com/Janusec/janusec

Edit config.json with PostgreSQL

"host": "127.0.0.1",
"port": "5432",
"user": "janusec",
"password": "123456",
"dbname": "janusec"

Janusec will encrypt the password automatically.
Then:

go build
su (switch to root)
./janusec

Web Administration

When listen=false in config.json :

http://your_master_node_ip_address/janusec-admin/ (first use)
https://your_application_domain_name/janusec-admin/ (after certificate configured)

When listen=true in config.json :

http://your_master_node_ip_address:9080/janusec-admin/ (first use)
https://your_master_node_domain_name:9443/janusec-admin/ (after certificate configured)

When using master node only, any application domain name can be used for admin.
But if you have one or more slave nodes, you should apply for a seperate domain name for master node.

Janusec Application Gateway Configuration

Release

go build
su
./release.sh (Only support Linux Now)

The release package is under ./dist .

Web Administration Portal

Release directory is ./static/janusec-admin/ , and source code is available at Janusec-Admin Github with Angular 9.

LICENSE

Janusec Application Gateway source files are made available under the terms of the GNU Affero General Public License (GNU AGPLv3).

Support