Aiwaf: an AI-Powered Web Application Firewall for Django/flask

Posted4 months agoActive4 months ago

aayushgauba

1 points

4 comments

Techstory

supportivepositive

Debate

20/100

Web Application FirewallArtificial IntelligenceDjangoFlask

Key topics

Web Application Firewall

Artificial Intelligence

Django

Flask

AIWAF is an open source Web Application Firewall built to go beyond static regex rules and simple rate limiting, which often break down when traffic patterns change or attackers adapt. Instead of relying only on hardcoded blacklists, AIWAF adds anomaly detection for abnormal request patterns, honeypot fields with timing analysis to catch bots, dynamic keyword detection to spot suspicious payloads that don’t appear on predefined lists, and adaptive IP/keyword blocking backed by CSV or database storage.

It currently works as middleware for Django and Flask and is meant to be easy to drop into existing projects without heavy configuration. The project is still early, and I’d love feedback from the community on what would make this better, whether the next focus should be deeper ML-based detection or support for additional frameworks, and how important integrations with existing tools like fail2ban or ModSecurity would be. Project site: https://aiwaf.org/

Introduction of AIWAF, an AI-powered Web Application Firewall for Django and Flask, seeking community feedback.

Snapshot generated from the HN discussion

Discussion Activity

Light discussion

First comment

13h

Peak period

12-18h

Avg / period

Key moments

01Story posted
Sep 17, 2025 at 8:05 PM EDT
4 months ago
Step 01
02First comment
Sep 18, 2025 at 9:10 AM EDT
13h after posting
Step 02
03Peak activity
1 comments in 12-18h
Hottest window of the conversation
Step 03
04Latest activity
Sep 20, 2025 at 2:28 PM EDT
4 months ago
Step 04

Generating AI Summary...

Analyzing up to 500 comments to identify key contributors and discussion patterns

Discussion (4 comments)

Showing 4 comments

incomingpain

4 months ago

1 reply

Found it on github, few months old now. Cool project.

Something I couldnt exactly see, which AI does it use? It seems more like a daily retraining on the box itself? Not a like openai or ollama type ai?

aayushgaubaAuthor

4 months ago

1 reply

Yep, good eye, AIWAF doesn’t use OpenAI/Ollama by default. The core AI right now is an Isolation Forest model for anomaly detection. It retrains locally (daily/weekly depending on your setup) on your own logs so it adapts to your traffic patterns without sending data off box.

The goal is privacy + lightweight, so it’s CPU friendly, keeps data in your infra, and you don’t need an external LLM

incomingpain

4 months ago

1 reply

Interesting, I had vaguely heard of isolation forests before but dont think i understood their use.

Interesting projec, I wish you the best!

aayushgaubaAuthor

4 months ago

Thanks a lot!

View full discussion on Hacker News

ID: 45283083Type: storyLast synced: 11/17/2025, 4:03:38 PM

Want the full context?