How do I deploy nginx-modsecurity-waf on Railway?

You can deploy nginx-modsecurity-waf on Railway by clicking the "Deploy Now" button on this page. Railway will automatically set up all the necessary services and configurations for you.

What are the system requirements?

Railway handles all the infrastructure requirements. You only need a web browser to deploy and manage your application.

Is this template free to use?

Yes, this template is free to use within your existing Railway account.

Can I customize this template?

Yes, you can fully customize this template. After deployment, you will have full control of what you've deployed in your Railway project.

How do I get support for this template?

You can get support through our community forum: nginx-modsecurity-waf-126e8394, or join our Discord community for more assistance.

Deploy and Host nginx-modsecurity-waf on Railway

nginx-modsecurity-waf is a lightweight security reverse proxy built with Nginx, ModSecurity 3, and the OWASP Core Rule Set. It filters and blocks common web attacks before they reach your backend.

About Hosting nginx-modsecurity-waf

Deploying nginx-modsecurity-waf means running an Nginx reverse proxy with ModSecurity enabled and CRS rules loaded. The WAF inspects every request and only forwards clean traffic to your backend. On Railway it listens on port 8080 and connects to your app using the BACKEND environment variable. Railway handles networking, scaling, and SSL termination so you get a fully managed WAF with minimal setup.

Common Use Cases

Protecting APIs and web apps from common attacks
Securing legacy apps without modifying the code
Adding a filtering layer in front of microservices

Dependencies for nginx-modsecurity-waf Hosting

A reachable backend service
DNS resolvers for outbound traffic

Deployment Dependencies

Implementation Details

Example environment variables:

PORT=8080
BACKEND=http://backend:8080
BLOCKING_PARANOIA=1
DETECTION_PARANOIA=1
MODSEC_AUDIT_ENGINE=RelevantOnly
MODSEC_AUDIT_LOG=/dev/stdout
ALLOWED_METHODS=GET HEAD POST OPTIONS
ALLOWED_REQUEST_CONTENT_TYPE="|application/json|"
RESOLVERS="8.8.8.8 1.1.1.1"
SSL_ENGINE=off
NGINX_ALWAYS_TLS_REDIRECT=off

Health check path: /healthz

Why Deploy nginx-modsecurity-waf on Railway?

Railway is a singular platform to deploy your infrastructure stack. Railway will host your infrastructure so you do not have to deal with configuration while allowing you to vertically and horizontally scale it.

By deploying nginx-modsecurity-waf on Railway, you are one step closer to supporting a complete full stack application with minimal burden. Host your servers, databases, AI agents, and more on Railway.