This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Projects/OWASP VFW Project

Jump to: navigation, search
What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP VFW (Varnish FireWall) (home page)
Purpose: The purpose of this project is to mitigate web applications threats using Varnish. Varnish ( is a modern, very flexible and scalable reverse-proxy system which supports VCL, a wonderful domain-specific language to deal with HTTP (to handle headers, routing, rewrite and block requests, etc). Nowadays, many big Internet services are behind Varnish and we can bring some security policies to it.

In another words: Varnish as a Web Application Firewall; A kind of mod_security for Varnish; Varnish security filters.

License: Apache License 2.0
who is working on this project?
Project Leader(s):
Project Contributor(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases