docs: add waf docs (#16)

* docs: add Waf feature * Fix: typo * Fix: replace demo link * Update overview.mdx --------- Co-authored-by: Gucheng <[email protected]>
casbin · May 11, 2024 · aa45c43 · aa45c43
1 parent 26f9ba0
commit aa45c43
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 12 deletions.
diff --git a/docs/core-concepts.mdx b/docs/core-concepts.mdx
@@ -18,20 +18,28 @@ type Site struct {
     Owner       string `xorm:"varchar(100) notnull pk" json:"owner"`
     Name        string `xorm:"varchar(100) notnull pk" json:"name"`
     CreatedTime string `xorm:"varchar(100)" json:"createdTime"`
+    UpdatedTime string `xorm:"varchar(100)" json:"updatedTime"`
     DisplayName string `xorm:"varchar(100)" json:"displayName"`
 
-    Domain   string `xorm:"varchar(100)" json:"domain"`
-    Host     string `xorm:"varchar(100)" json:"host"`
-    SslMode  string `xorm:"varchar(100)" json:"sslMode"`
-    SslCert  string `xorm:"varchar(100)" json:"sslCert"`
-    PublicIp string `xorm:"varchar(100)" json:"publicIp"`
-    Node     string `xorm:"varchar(100)" json:"node"`
-    IsSelf   bool   `json:"isSelf"`
+    Tag          string     `xorm:"varchar(100)" json:"tag"`
+    Domain       string     `xorm:"varchar(100)" json:"domain"`
+    OtherDomains []string   `xorm:"varchar(500)" json:"otherDomains"`
+    NeedRedirect bool       `json:"needRedirect"`
+    EnableWaf    bool       `json:"enableWaf"`
+    Waf          coraza.WAF `xorm:"-" json:"-"`
+    Challenges   []string   `xorm:"mediumtext" json:"challenges"`
+    Host         string     `xorm:"varchar(100)" json:"host"`
+    Port         int        `json:"port"`
+    SslMode      string     `xorm:"varchar(100)" json:"sslMode"`
+    SslCert      string     `xorm:"-" json:"sslCert"`
+    PublicIp     string     `xorm:"varchar(100)" json:"publicIp"`
+    Node         string     `xorm:"varchar(100)" json:"node"`
+    IsSelf       bool       `json:"isSelf"`
+    Status       string     `xorm:"varchar(100)" json:"status"`
+    Nodes        []*Node    `xorm:"mediumtext" json:"nodes"`
 
-    CasdoorApplication string `xorm:"varchar(100)" json:"casdoorApplication"`
-
-    SslCertObj     *Cert                `xorm:"-" json:"sslCertObj"`
-    ApplicationObj *casdoor.Application `xorm:"-" json:"applicationObj"`
+    CasdoorApplication string                  `xorm:"varchar(100)" json:"casdoorApplication"`
+    ApplicationObj     *casdoorsdk.Application `xorm:"-" json:"applicationObj"`
 }
 ```
 

diff --git a/docs/installation.mdx b/docs/installation.mdx
@@ -64,6 +64,10 @@ CasWAF uses XORM to connect to DB, so all DBs supported by XORM can also be used
 
 ### Configure Casdoor
 
+:::info
+In order not to affect Docker users, we temporarily chose to embed the WAF rules into the binary, if you need to change the default rules (`conf/waf.conf`), please do so before compiling.
+:::
+
 After creating an organization and an application for CasWAF in a Casdoor, you need to update `clientID`, `clientSecret`, `casdoorOrganization` and `casdoorApplication` in app.conf and Conf.js to change the configuration.
 
 - Backend (conf/app.conf)

diff --git a/docs/overview.mdx b/docs/overview.mdx
@@ -19,6 +19,8 @@ CasWAF is an open-source Web Application Firewall (WAF) software developed by Go
 
 5. OAuth proxy. CasWAF supports OAuth login, which can be integrated with the existing OAuth system such as [Casdoor](https://casdoor.org/).
 
+6. Firewall. CasWAF uses [Coraza](https://github.com/corazawaf/coraza) as the firewall engine, which can protect the website from many common attack categories. Supports customized WAF rules.
+
 ## How it works
 
 CasWAF has both reverse proxy and OAuth proxy functionalities. If you haven't configured OAuth for your website, it will function solely as a reverse proxy server.
@@ -43,7 +45,7 @@ In CasWAF, we use [Casdoor](https://casdoor.org/) as the Identity Provider (IdP)
 
 Here is an online demo:
 
-- Deployed site: [https://waf.casbin.com/](https://waf.casbin.com/)
+- Deployed site: [https://door.caswaf.com](https://door.caswaf.com)
 
 Global admin login:
 

diff --git a/docs/site.mdx b/docs/site.mdx
@@ -19,6 +19,7 @@ This section will provide a detailed explanation of the properties and usage of
   - e.g. `localhost:8080`
 - `Public IP (Optional)`: The public IP of the site (if available).
 - `Node (Optional)`: The name of the host on which the site is deployed.
+- `Enable WAF`: Whether this site uses a built-in firewall.
 - `SSL mode`: The SSL mode of the site. It can be `HTTP` or `HTTPS and HTTP` or `HTTPS Only`.
   - `HTTP`: The site is not using SSL. Users can access the site **only** via HTTP.
   - `HTTPS and HTTP`: The site is using SSL and HTTP. Users can access the site via **both** HTTP and HTTPS.