Gate deployments on WAF scan results with WAFtester

Name: Gate deployments on WAF scan results with WAFtester
Availability: InStock
Author: Qandil

Gate deployments on WAF scan results with WAFtester preview

Open on n8n.io

$20/month : Unlimited workflows

2500 executions/month

Try free

THE #1 IN WEB SCRAPING

Scrape any website without limits

Try free

HOSTINGER

Early Deal
DISCOUNT 20%

Self-hosted n8n

Unlimited workflows - from $4.99/mo

Try free

#1 hub for scraping, AI & automation

6000+ actors - $5 credits/mo

Try free

Overview

What it does

A CI/CD quality gate that blocks deployments when WAF protection is insufficient. Your pipeline sends a webhook with the target URL, the workflow runs WAFtester scans, and returns a pass/fail HTTP response the pipeline can gate on.

About WAFtester

WAFtester is an open-source CLI for testing Web Application Firewalls. It ships 27 MCP tools, 2,800+ attack payloads across 18 categories (SQLi, XSS, SSRF, SSTI, command injection, XXE, and more), detection signatures for 26 WAF vendors and 9 CDNs, and enterprise-grade assessment with F1/MCC scoring and letter grades (A+ through F).

GitHub: github.com/waftester/waftester
Docs: Installation | Examples | Commands

Who it's for

DevOps teams enforcing security gates in CI/CD
Platform engineers automating deployment approvals
Security teams requiring pre-deploy WAF validation

How it works

The workflow has seven nodes:

Webhook — Receives a POST with {"target": "https://staging.example.com", "categories": ["sqli", "xss"]}
Detect WAF — Calls WAFtester's detect_waf tool to fingerprint the WAF vendor
Start Scan — Launches an async scan task with the requested attack categories
Wait — Pauses to let the scan run
Poll Results — Calls get_task_status to retrieve completed results
Evaluate — Compares the detection rate against WAF_PASS_THRESHOLD
Respond — Returns HTTP 200 (pass, deploy allowed) or HTTP 422 (fail, deploy blocked) with bypass details

CI/CD integration example

# In your pipeline
RESPONSE=$(curl -s -w "%{http_code}" -o body.json \
 -X POST https://your-n8n/webhook/waf-gate \
 -H "Content-Type: application/json" \
 -d '{"target": "https://staging.example.com", "categories": ["sqli", "xss"]}')
if [ "$RESPONSE" != "200" ]; then echo "WAF gate failed"; exit 1; fi

Qandil

3 workflows

Complexity

intermediate

Published 17 Feb 2026

Likes 0

View on n8n.io Download Workflow

Install path: /data/workflows/13445/13445.json

Share Your Workflow

Have a useful automation to share? Publish it and help the community.

Submit Your Template How to Submit

Related Workflows

Monitor n8n workflows with Watchflow dead man’s switch and error alerts

![image.png](fileId:5456) # 🚀 Your n8n Workflows Monitoring Best Practices Template Are you running critical processes in n8n and relying on hope that they finish successfully? Stop guessing and start monitoring. This template demonstrates **best practices** for monitoring your n8n workflows using the [Watchflow](https://watchflow.io) node. It shows you exactly how to implement robust error catching, data aggregation, and dead man's switch logic to ensure your automation engine never fails silently. For a deeper dive into these strategies, check out our guide on [n8n Monitoring Use Cases](https://www.watchflow.io/use-cases/n8n-monitoring/). --- ## 💎 Why You Need These Monitoring Practices Simply knowing a workflow ran isn't enough. Did it actually process any data? Did an API silently return zero results? Did a specific node crash without you noticing? This template teaches you how to: - **Implement a Dead Man’s Switch**: Monitor that at least one item is successfully processed on schedule. Get alerted even if your trigger or server fails quietly. - **Ensure Performance Transparency**: Aggregate your results to see the exact number of processed items. Easily detect "successful" runs that accidentally processed zero data. - **Set Up Instant Incident Alerting**: Receive immediate notifications the moment an unexpected error occurs, including the specific error message and a direct link to the exact failed execution. --- ## 🛠️ What’s Under the Hood? This template provides a clear, annotated example of a simulated workflow, paired with robust monitoring logic: 1. **Simulated Data Pipeline**: Follows a standard Extract-Transform-Load (ETL) pattern, fetching dummy items, transforming them, and simulating a final load step. 2. **Data Aggregation & Validation**: Instead of just finishing the execution, the workflow uses an `Aggregate` node to count the exact number of successful items processed. 3. **The Watchflow Success Ping**: If items were processed successfully, it sends a precise "Success" heartbeat to Watchflow, logging the exact item count metric. 4. **Global Error Handler (Error Trigger)**: This template utilizes n8n's native built-in `Error Trigger` node. Instead of configuring custom error-handling "Continue on Fail" logic for every single node, this trigger acts as a global safety net. If *any* node in the workflow fails unexpectedly, the Error Trigger automatically catches the failure event and intercepts critical execution data (such as the detailed error message, the execution ID, the workflow ID, and the exact node that failed). * *(Pro tip: You can save this error-handling sequence as its own workflow, and then go to **Settings** in all your other workflows to set it as your default "Error Workflow".)* 5. **Instant Failure Reporting**: The captured execution payload is instantly pushed to the Watchflow node. You receive an alert with the complete failure details and a direct link to the exact execution. No more digging through n8n execution histories—just click and debug. --- ## ⚡ Quick Start (Requirements) To deploy these best practices in your own environment, you'll need: 1. **Watchflow Node**: Install the official community node via npm: `@watchflow/n8n-nodes-watchflow`. 2. **Watchflow API Key**: [Sign up at watchflow.io](https://watchflow.io), navigate to **Settings**, and grab your key from the **API Key** section. 3. **n8n API Key**: In your n8n workspace, head to **Settings** -> **n8n API** to generate your key. 4. *(Tip for Credentials)*: When adding your n8n API credentials in Watchflow, ensure you append `/v1/api` to your base URL (e.g., `https://n8n.yourdomain.com/v1/api`). --- ## 📈 The Result? Total Observability. Copy these patterns into your daily automations. Whether you're syncing customer data, updating CRMs, or handling billing syncs, implementing these **Watchflow Monitoring Best Practices** will transform your n8n instance from a black box into a highly transparent, fully observable system.

View

Monitor workflow errors with n8n API, log to Google Sheets, and alert via Slack

## Who is this for? This workflow is built for **n8n admins**, **automation agencies**, **solopreneurs**, and **ops teams** running multiple workflows in production who need to know the moment something breaks. If you're manually checking your n8n execution logs every day to catch failures or worse, finding out about broken workflows days later this template gives you real-time monitoring with zero effort. ## What problem does this solve? - Failed workflows go unnoticed for hours or days because nobody checks the execution log - When you do find a failure, you have to dig through execution data to figure out what went wrong - No centralized error history you can't spot patterns or recurring issues - Alert fatigue from generic monitoring tools that don't tell you *why* something failed or *how* to fix it ## What this workflow does This workflow monitors your **entire n8n instance** for failed executions and handles the full error lifecycle automatically: - **Continuous monitoring** runs every minute on a schedule (or on-demand via webhook) - **Smart filtering** only processes failures from the last 5 minutes and excludes its own executions to prevent alert loops - **Automatic error classification** categorizes every failure into one of 7 types: Auth Error, Rate Limit, Network, Data/Config Error, Not Found, Server Error, and Permission - **Severity assignment** tags each error as 🔴 Critical, 🟠 High, or 🟡 Medium - **Suggested fixes** — generates an actionable fix suggestion for each error category (e.g., "Re-authenticate credential for: [node name]") - **Google Sheets logging** appends a detailed row to your error log with timestamp, workflow name, error category, severity, message, suggested fix, and retry status - **Color-coded Slack alerts** sends a formatted message to your alerts channel with the workflow name, failed node, error type, error message, suggested fix, and clickable links to the workflow and execution ## Setup ### Credentials needed - **n8n API Key** HTTP Header Auth credential with header name `X-N8N-API-KEY` - **Google Sheets** OAuth credentials - **Slack** OAuth credentials ### Configuration 1. Create an API key in your n8n instance (Settings → API) 2. Add it as an HTTP Header Auth credential in n8n with the header name `X-N8N-API-KEY` 3. Open the **Get Failures** and **Get Execution Detail** nodes and replace `YOUR-N8N-INSTANCE-URL` with your actual n8n domain (e.g., `n8n.yourcompany.com`) 4. Create a Google Sheet with these columns: Timestamp, Workflow Name, Workflow ID, Execution ID, Failed Node, Error Category, Severity, Error Message, Suggested Fix, Retryable, Status, Notes 5. Open the **Log to Sheet** node and update the spreadsheet ID 6. Open the **Slack Alert** node and set the channel to your alerts channel (e.g., `#n8n-errors`) ### Test it Manually trigger the webhook, or intentionally break a test workflow and wait one minute for the scheduled check. You should see a Slack alert and a new row in your Google Sheet. ## How to customize this workflow - **Different alerting channel?** Replace or duplicate the Slack node to send alerts to Microsoft Teams, Discord, email, or PagerDuty - **Auto-retry?** Add a retry branch after the Classify Error node that automatically re-runs retryable executions (Rate Limit, Network, Server Error) via the n8n API - **Different logging?** Replace the Google Sheets node with Airtable, Notion, or a database insert for more structured tracking - **Adjust the schedule?** Change the Schedule Trigger from every minute to every 5 minutes, 15 minutes, or hourly depending on your needs - **Add more error categories?** Extend the classification logic in the Classify Error code node to handle domain-specific errors (e.g., Stripe payment failures, Shopify API errors)

View

Sync self-hosted workflow backups to GitHub for version control

Automatically back up and sync your n8n workflows to GitHub with unlimited version control. This workflow ensures your repository always reflects the latest state of your n8n instance by creating, updating, and deleting workflow files as needed. Ideal for developers, teams, and DevOps use cases where workflow backup, versioning, and audit tracking are important. ## ♾️ Unlimited Version Control This workflow enables unlimited version control using GitHub, solving the limitation of version history that is not available in the self-hosted free version of n8n. Every workflow change is stored as a Git commit, allowing you to: Track full history of changes Roll back to previous versions anytime Maintain a reliable audit trail ## ⚡ Key Features 🔄 Automatic Sync – Runs on a schedule to keep workflows updated 🆕 Create New Workflows – Automatically adds new workflows to GitHub ✏️ Update Only When Changed – Detects and updates modified workflows 🧹 Auto Cleanup – Removes deleted or renamed workflows from GitHub ⚡ Smart Diff Check – Skips unchanged workflows to avoid unnecessary commits 🕒 Timestamped Commits – Clear and trackable commit history ♾️ Unlimited Version Control – Store unlimited workflow versions in GitHub ## 🛠️ How It Works Fetch existing files from your GitHub repository Retrieve all workflows from your n8n instance via API Compare workflows using size-based change detection Create or update workflow JSON files in GitHub Remove orphaned files (deleted or renamed workflows) ## ⚙️ Setup Requirements GitHub Personal Access Token (with repo scope) n8n API Key (Settings → API) A GitHub repository for storing workflow backups Update GitHub nodes with your repository name and owner Configure the schedule trigger as needed ## 📁 File Naming Workflows are stored as: workflow-name.json (lowercase, hyphen-separated) ## 🛡️ Safety Mechanism Includes a safety check to prevent accidental deletion of all files if the n8n API returns zero workflows (e.g., due to an error). ## 💡 Use Cases Backup and restore n8n workflows Version control and change tracking Team collaboration via GitHub CI/CD integration for workflow management ## 📬 Support Contact us for suggestions or support: [email protected]

View

Need Custom Automation?

Get help designing a custom n8n workflow that connects your stack and fits your process.

Gate deployments on WAF scan results with WAFtester

Workflow preview

Overview

What it does

About WAFtester

Who it's for

How it works

CI/CD integration example