WGE
A high-performance web application firewall library (C++)
WGE is a high-performance web application firewall library built with C++23, designed to overcome the performance limitations of existing WAF solutions like ModSecurity in high-concurrency scenarios. It achieves significant performance gains, handling 17,560 QPS without TCMalloc and 18,864 QPS with TCMalloc, compared to ModSecurity's 4,010 and 4,927 QPS, respectively. WGE is OWASP CRS compatible, thread-safe, memory-efficient, and offers easy integration with a clean API. Its architecture includes a Security Transform Engine using Ragel state machines, an ANTLR4-driven Rules Engine, an efficient Variable System, and an optimized Operator Library. Open-sourced under the MIT License, WGE is actively maintained and community-driven, with comprehensive documentation and testing available on GitHub.