Getting Started¶
This guide walks you through building and running Website Defender from source.
Prerequisites¶
| Requirement | Version | Notes |
|---|---|---|
| Go | 1.25+ | Backend compilation |
| Node.js | 20+ | Frontend build toolchain |
| Nginx | Any recent | Must include the auth_request module |
Nginx auth_request Module
The auth_request module is included by default in most Nginx packages. You can verify by running nginx -V and checking for --with-http_auth_request_module.
Build¶
The project includes a build script that compiles both the Vue 3 frontends and the Go backend into a single binary.
# 1. Clone the repository
git clone https://github.com/Flmelody/open-website-defender.git
cd open-website-defender
# 2. Build the project
./scripts/build.sh
Custom Build Configuration
You can customize build-time settings via environment variables or by editing scripts/build.sh. See Environment Variables for available options.
The build script will:
- Build the guard frontend (
ui/guard) with Vite - Build the admin frontend (
ui/admin) with Vite - Compile the Go backend with embedded frontend assets
- Output a single binary named
appin the project root
Run¶
After building, start the application:
The application starts with default configuration and is immediately ready to use.
| Setting | Default Value |
|---|---|
| Admin URL | http://localhost:9999/wall/admin/ |
| Default Username | defender |
| Default Password | defender |
Change Default Credentials
The default username and password are both defender. Change these immediately after first login, especially in production environments. Default credentials are a common attack vector.
Next Steps¶
- Configure Nginx to use Website Defender as an auth provider
- Review the configuration to customize runtime settings
- Set up the WAF and review built-in filtering rules
- Manage users and assign domain scopes