Back in mid-2023, I started working on a security application called Securebox—a Web Application Firewall (WAF) built using Golang. As someone passionate about cybersecurity and development, I wanted to create a lightweight yet powerful solution to enhance web security.
The Journey of Securebox
Securebox was initially a personal hobby project, something I worked on during my free time. I made significant progress and reached about 80% completion before other commitments forced me to put it on hold. It wasn’t until February 2025 that I finally found time to pick it up again and push it across the finish line.
Key Features of Securebox
Securebox is designed to be lightweight yet effective, offering security features such as:
✅ OWASP CRS Integration – Securebox leverages the OWASP Core Rule Set (CRS) to detect and block common web attacks.
✅ Anti-DDoS Mechanism – The application includes built-in protection against Distributed Denial of Service (DDoS) attacks.
✅ Cross-Platform Compatibility – Securebox supports major operating systems, including Linux, Windows, macOS, and even Raspberry OS.
✅ Minimal System Resource Usage – One of my primary goals was to ensure Securebox remains lightweight and efficient, making it suitable even for low-spec systems.
Performance Testing with GoTestWAF
After completing Securebox, I decided to test its effectiveness using GoTestWAF. The results were quite promising:
- Overall Grade: B+ (87.0/100)
- API Security: A+ (100%)
- Application Security: C (74.1%)
Compared to other WAF solutions, Securebox performed well in API security but had some room for improvement in certain web application attack vectors. I’m considering future enhancements based on these results.
Securebox in Action
This very blog/website you’re reading right now is protected by Securebox! Deploying my own WAF solution in a real-world environment allows me to continuously test and improve it. To ensure my website stays secure, I tested it using ImmuniWeb while being protected by Securebox. The results were impressive, my site received an "A" grade for security. ImmuniWeb performed various checks, including Software Security Testing, Compliance Testing, and Content Security Policy (CSP) Testing. The test confirmed that Securebox effectively safeguards my site, with only minor compliance recommendations such as a missing Content Security Policy (CSP). This reassures me that Securebox provides solid protection, keeping my website safe from potential threats.
What’s Next?
Although Securebox started as a hobby project, I see great potential in evolving it further. Future plans may include:
🚀 Enhancing application security to reach an A+ grade
🚀 Adding more advanced anomaly detection techniques
🚀 Optimizing performance for even lower resource usage
For now, I’m proud of what I’ve built, and I look forward to refining Securebox even further. If you’re interested in testing it out or contributing to its development, stay tuned for more updates!
Back to Previous Page