aiwaf 0.1.8.6__py3-none-any.whl → 0.1.8.7__py3-none-any.whl

aiwaf/blacklist_manager.py

@@ -1,14 +1,24 @@
-from .models import BlacklistEntry
+# aiwaf/blacklist_manager.py
+
+from .storage import get_blacklist_store
 
 class BlacklistManager:
     @staticmethod
     def block(ip, reason):
-        BlacklistEntry.objects.get_or_create(ip_address=ip, defaults={"reason": reason})
+        store = get_blacklist_store()
+        store.add_ip(ip, reason)
 
     @staticmethod
     def is_blocked(ip):
-        return BlacklistEntry.objects.filter(ip_address=ip).exists()
+        store = get_blacklist_store()
+        return store.is_blocked(ip)
 
     @staticmethod
     def all_blocked():
-        return BlacklistEntry.objects.all()
+        store = get_blacklist_store()
+        return store.get_all()
+    
+    @staticmethod
+    def unblock(ip):
+        store = get_blacklist_store()
+        store.remove_ip(ip)

aiwaf/management/commands/add_ipexemption.py

@@ -1,5 +1,5 @@
 from django.core.management.base import BaseCommand, CommandError
-from aiwaf.models import IPExemption
+from aiwaf.storage import get_exemption_store
 
 class Command(BaseCommand):
     help = 'Add an IP address to the IPExemption list (prevents blacklisting)'
@@ -11,12 +11,13 @@ class Command(BaseCommand):
     def handle(self, *args, **options):
         ip = options['ip']
         reason = options['reason']
-        obj, created = IPExemption.objects.get_or_create(ip_address=ip, defaults={'reason': reason})
-        if not created:
+        
+        store = get_exemption_store()
+        
+        if store.is_exempted(ip):
             self.stdout.write(self.style.WARNING(f'IP {ip} is already exempted.'))
         else:
+            store.add_ip(ip, reason)
             self.stdout.write(self.style.SUCCESS(f'IP {ip} added to exemption list.'))
-        if reason:
-            obj.reason = reason
-            obj.save()
-            self.stdout.write(self.style.SUCCESS(f'Reason set to: {reason}'))
+            if reason:
+                self.stdout.write(self.style.SUCCESS(f'Reason: {reason}'))

aiwaf/management/commands/aiwaf_reset.py

@@ -1,5 +1,5 @@
 from django.core.management.base import BaseCommand
-from aiwaf.models import BlacklistEntry, IPExemption
+from aiwaf.storage import get_blacklist_store, get_exemption_store
 
 class Command(BaseCommand):
     help = 'Reset AI-WAF by clearing all blacklist and exemption (whitelist) entries'
@@ -26,9 +26,12 @@ class Command(BaseCommand):
         exemptions_only = options['exemptions_only']
         confirm = options['confirm']
         
+        blacklist_store = get_blacklist_store()
+        exemption_store = get_exemption_store()
+        
         # Count current entries
-        blacklist_count = BlacklistEntry.objects.count()
-        exemption_count = IPExemption.objects.count()
+        blacklist_count = len(blacklist_store.get_all())
+        exemption_count = len(exemption_store.get_all())
         
         if blacklist_only and exemptions_only:
             self.stdout.write(self.style.ERROR('Cannot use both --blacklist-only and --exemptions-only flags'))
@@ -61,10 +64,18 @@ class Command(BaseCommand):
         deleted_counts = {'blacklist': 0, 'exemptions': 0}
         
         if clear_blacklist:
-            deleted_counts['blacklist'], _ = BlacklistEntry.objects.all().delete()
+            # Clear blacklist entries
+            blacklist_entries = blacklist_store.get_all()
+            for entry in blacklist_entries:
+                blacklist_store.remove_ip(entry['ip_address'])
+            deleted_counts['blacklist'] = len(blacklist_entries)
         
         if clear_exemptions:
-            deleted_counts['exemptions'], _ = IPExemption.objects.all().delete()
+            # Clear exemption entries
+            exemption_entries = exemption_store.get_all()
+            for entry in exemption_entries:
+                exemption_store.remove_ip(entry['ip_address'])
+            deleted_counts['exemptions'] = len(exemption_entries)
         
         # Report results
         if clear_blacklist and clear_exemptions:

aiwaf/middleware.py

@@ -16,8 +16,9 @@ from django.apps import apps
 from django.urls import get_resolver
 from .trainer import STATIC_KW, STATUS_IDX, path_exists_in_django
 from .blacklist_manager import BlacklistManager
-from .models import DynamicKeyword, IPExemption
+from .models import IPExemption
 from .utils import is_exempt, get_ip, is_ip_exempted
+from .storage import get_keyword_store
 
 MODEL_PATH = getattr(
     settings,
@@ -74,15 +75,14 @@ class IPAndKeywordBlockMiddleware:
             return self.get_response(request)
         if BlacklistManager.is_blocked(ip):
             return JsonResponse({"error": "blocked"}, status=403)
+        
+        keyword_store = get_keyword_store()
         segments = [seg for seg in re.split(r"\W+", path) if len(seg) > 3]
+        
         for seg in segments:
-            obj, _ = DynamicKeyword.objects.get_or_create(keyword=seg)
-            DynamicKeyword.objects.filter(pk=obj.pk).update(count=F("count") + 1)
-        dynamic_top = list(
-            DynamicKeyword.objects
-            .order_by("-count")
-            .values_list("keyword", flat=True)[: getattr(settings, "AIWAF_DYNAMIC_TOP_N", 10)]
-        )
+            keyword_store.add_keyword(seg)
+            
+        dynamic_top = keyword_store.get_top_keywords(getattr(settings, "AIWAF_DYNAMIC_TOP_N", 10))
         all_kw = set(STATIC_KW) | set(dynamic_top)
         suspicious_kw = {
             kw for kw in all_kw
@@ -172,10 +172,11 @@ class AIAnomalyMiddleware(MiddlewareMixin):
         data.append((now, request.path, response.status_code, resp_time))
         data = [d for d in data if now - d[0] < self.WINDOW]
         cache.set(key, data, timeout=self.WINDOW)
+        
+        keyword_store = get_keyword_store()
         for seg in re.split(r"\W+", request.path.lower()):
             if len(seg) > 3:
-                obj, _ = DynamicKeyword.objects.get_or_create(keyword=seg)
-                DynamicKeyword.objects.filter(pk=obj.pk).update(count=F("count") + 1)
+                keyword_store.add_keyword(seg)
 
         return response
 

aiwaf/storage.py

@@ -2,19 +2,33 @@ import os, csv, gzip, glob
 import numpy as np
 import pandas as pd
 from django.conf import settings
-from .models import FeatureSample
+from django.utils import timezone
+from .models import FeatureSample, BlacklistEntry, IPExemption, DynamicKeyword
+
+# Configuration
+STORAGE_MODE = getattr(settings, "AIWAF_STORAGE_MODE", "models")  # "models" or "csv"
+CSV_DATA_DIR = getattr(settings, "AIWAF_CSV_DATA_DIR", "aiwaf_data")
+FEATURE_CSV = getattr(settings, "AIWAF_CSV_PATH", os.path.join(CSV_DATA_DIR, "access_samples.csv"))
+BLACKLIST_CSV = os.path.join(CSV_DATA_DIR, "blacklist.csv")
+EXEMPTION_CSV = os.path.join(CSV_DATA_DIR, "exemptions.csv") 
+KEYWORDS_CSV = os.path.join(CSV_DATA_DIR, "keywords.csv")
 
-DATA_FILE  = getattr(settings, "AIWAF_CSV_PATH", "access_samples.csv")
 CSV_HEADER = [
     "ip","path_len","kw_hits","resp_time",
     "status_idx","burst_count","total_404","label"
 ]
 
+def ensure_csv_directory():
+    """Ensure the CSV data directory exists"""
+    if STORAGE_MODE == "csv" and not os.path.exists(CSV_DATA_DIR):
+        os.makedirs(CSV_DATA_DIR)
+
 class CsvFeatureStore:
     @staticmethod
     def persist_rows(rows):
-        new_file = not os.path.exists(DATA_FILE)
-        with open(DATA_FILE, "a", newline="", encoding="utf-8") as f:
+        ensure_csv_directory()
+        new_file = not os.path.exists(FEATURE_CSV)
+        with open(FEATURE_CSV, "a", newline="", encoding="utf-8") as f:
             w = csv.writer(f)
             if new_file:
                 w.writerow(CSV_HEADER)
@@ -22,10 +36,10 @@ class CsvFeatureStore:
 
     @staticmethod
     def load_matrix():
-        if not os.path.exists(DATA_FILE):
+        if not os.path.exists(FEATURE_CSV):
             return np.empty((0,6))
         df = pd.read_csv(
-            DATA_FILE,
+            FEATURE_CSV,
             names=CSV_HEADER,
             skiprows=1,
             engine="python",
@@ -59,3 +73,279 @@ def get_store():
     if getattr(settings, "AIWAF_FEATURE_STORE", "csv") == "db":
         return DbFeatureStore
     return CsvFeatureStore
+
+
+# ============= CSV Storage Classes =============
+
+class CsvBlacklistStore:
+    """CSV-based storage for IP blacklist entries"""
+    
+    @staticmethod
+    def add_ip(ip_address, reason):
+        ensure_csv_directory()
+        # Check if IP already exists
+        if CsvBlacklistStore.is_blocked(ip_address):
+            return
+        
+        # Add new entry
+        new_file = not os.path.exists(BLACKLIST_CSV)
+        with open(BLACKLIST_CSV, "a", newline="", encoding="utf-8") as f:
+            writer = csv.writer(f)
+            if new_file:
+                writer.writerow(["ip_address", "reason", "created_at"])
+            writer.writerow([ip_address, reason, timezone.now().isoformat()])
+    
+    @staticmethod
+    def is_blocked(ip_address):
+        if not os.path.exists(BLACKLIST_CSV):
+            return False
+        
+        with open(BLACKLIST_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                if row["ip_address"] == ip_address:
+                    return True
+        return False
+    
+    @staticmethod
+    def get_all():
+        """Return list of dictionaries with blacklist entries"""
+        if not os.path.exists(BLACKLIST_CSV):
+            return []
+        
+        entries = []
+        with open(BLACKLIST_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                entries.append(row)
+        return entries
+    
+    @staticmethod
+    def remove_ip(ip_address):
+        if not os.path.exists(BLACKLIST_CSV):
+            return
+        
+        # Read all entries except the one to remove
+        entries = []
+        with open(BLACKLIST_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            entries = [row for row in reader if row["ip_address"] != ip_address]
+        
+        # Write back the filtered entries
+        with open(BLACKLIST_CSV, "w", newline="", encoding="utf-8") as f:
+            if entries:
+                writer = csv.DictWriter(f, fieldnames=["ip_address", "reason", "created_at"])
+                writer.writeheader()
+                writer.writerows(entries)
+
+
+class CsvExemptionStore:
+    """CSV-based storage for IP exemption entries"""
+    
+    @staticmethod
+    def add_ip(ip_address, reason=""):
+        ensure_csv_directory()
+        # Check if IP already exists
+        if CsvExemptionStore.is_exempted(ip_address):
+            return
+        
+        # Add new entry
+        new_file = not os.path.exists(EXEMPTION_CSV)
+        with open(EXEMPTION_CSV, "a", newline="", encoding="utf-8") as f:
+            writer = csv.writer(f)
+            if new_file:
+                writer.writerow(["ip_address", "reason", "created_at"])
+            writer.writerow([ip_address, reason, timezone.now().isoformat()])
+    
+    @staticmethod
+    def is_exempted(ip_address):
+        if not os.path.exists(EXEMPTION_CSV):
+            return False
+        
+        with open(EXEMPTION_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                if row["ip_address"] == ip_address:
+                    return True
+        return False
+    
+    @staticmethod
+    def get_all():
+        """Return list of dictionaries with exemption entries"""
+        if not os.path.exists(EXEMPTION_CSV):
+            return []
+        
+        entries = []
+        with open(EXEMPTION_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                entries.append(row)
+        return entries
+    
+    @staticmethod
+    def remove_ip(ip_address):
+        if not os.path.exists(EXEMPTION_CSV):
+            return
+        
+        # Read all entries except the one to remove
+        entries = []
+        with open(EXEMPTION_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            entries = [row for row in reader if row["ip_address"] != ip_address]
+        
+        # Write back the filtered entries
+        with open(EXEMPTION_CSV, "w", newline="", encoding="utf-8") as f:
+            if entries:
+                writer = csv.DictWriter(f, fieldnames=["ip_address", "reason", "created_at"])
+                writer.writeheader()
+                writer.writerows(entries)
+
+
+class CsvKeywordStore:
+    """CSV-based storage for dynamic keywords"""
+    
+    @staticmethod
+    def add_keyword(keyword, count=1):
+        ensure_csv_directory()
+        
+        # Read existing keywords
+        keywords = CsvKeywordStore._load_keywords()
+        
+        # Update or add keyword
+        keywords[keyword] = keywords.get(keyword, 0) + count
+        
+        # Save back to file
+        CsvKeywordStore._save_keywords(keywords)
+    
+    @staticmethod
+    def get_top_keywords(limit=10):
+        keywords = CsvKeywordStore._load_keywords()
+        # Sort by count in descending order and return top N
+        sorted_keywords = sorted(keywords.items(), key=lambda x: x[1], reverse=True)
+        return [kw for kw, count in sorted_keywords[:limit]]
+    
+    @staticmethod
+    def remove_keyword(keyword):
+        keywords = CsvKeywordStore._load_keywords()
+        if keyword in keywords:
+            del keywords[keyword]
+            CsvKeywordStore._save_keywords(keywords)
+    
+    @staticmethod
+    def clear_all():
+        if os.path.exists(KEYWORDS_CSV):
+            os.remove(KEYWORDS_CSV)
+    
+    @staticmethod
+    def _load_keywords():
+        """Load keywords from CSV file as a dictionary"""
+        if not os.path.exists(KEYWORDS_CSV):
+            return {}
+        
+        keywords = {}
+        with open(KEYWORDS_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                keywords[row["keyword"]] = int(row["count"])
+        return keywords
+    
+    @staticmethod
+    def _save_keywords(keywords):
+        """Save keywords dictionary to CSV file"""
+        with open(KEYWORDS_CSV, "w", newline="", encoding="utf-8") as f:
+            writer = csv.writer(f)
+            writer.writerow(["keyword", "count", "last_updated"])
+            for keyword, count in keywords.items():
+                writer.writerow([keyword, count, timezone.now().isoformat()])
+
+
+# ============= Storage Factory Functions =============
+
+def get_blacklist_store():
+    """Return appropriate blacklist storage class based on settings"""
+    if STORAGE_MODE == "csv":
+        return CsvBlacklistStore
+    else:
+        # Return a wrapper for Django models
+        return ModelBlacklistStore
+
+
+def get_exemption_store():
+    """Return appropriate exemption storage class based on settings"""
+    if STORAGE_MODE == "csv":
+        return CsvExemptionStore
+    else:
+        return ModelExemptionStore
+
+
+def get_keyword_store():
+    """Return appropriate keyword storage class based on settings"""
+    if STORAGE_MODE == "csv":
+        return CsvKeywordStore
+    else:
+        return ModelKeywordStore
+
+
+# ============= Django Model Wrappers =============
+
+class ModelBlacklistStore:
+    """Django model-based storage for blacklist entries"""
+    
+    @staticmethod
+    def add_ip(ip_address, reason):
+        BlacklistEntry.objects.get_or_create(ip_address=ip_address, defaults={"reason": reason})
+    
+    @staticmethod
+    def is_blocked(ip_address):
+        return BlacklistEntry.objects.filter(ip_address=ip_address).exists()
+    
+    @staticmethod
+    def get_all():
+        return list(BlacklistEntry.objects.values("ip_address", "reason", "created_at"))
+    
+    @staticmethod
+    def remove_ip(ip_address):
+        BlacklistEntry.objects.filter(ip_address=ip_address).delete()
+
+
+class ModelExemptionStore:
+    """Django model-based storage for exemption entries"""
+    
+    @staticmethod
+    def add_ip(ip_address, reason=""):
+        IPExemption.objects.get_or_create(ip_address=ip_address, defaults={"reason": reason})
+    
+    @staticmethod
+    def is_exempted(ip_address):
+        return IPExemption.objects.filter(ip_address=ip_address).exists()
+    
+    @staticmethod
+    def get_all():
+        return list(IPExemption.objects.values("ip_address", "reason", "created_at"))
+    
+    @staticmethod
+    def remove_ip(ip_address):
+        IPExemption.objects.filter(ip_address=ip_address).delete()
+
+
+class ModelKeywordStore:
+    """Django model-based storage for dynamic keywords"""
+    
+    @staticmethod
+    def add_keyword(keyword, count=1):
+        obj, created = DynamicKeyword.objects.get_or_create(keyword=keyword, defaults={"count": count})
+        if not created:
+            obj.count += count
+            obj.save()
+    
+    @staticmethod
+    def get_top_keywords(limit=10):
+        return list(DynamicKeyword.objects.order_by("-count").values_list("keyword", flat=True)[:limit])
+    
+    @staticmethod
+    def remove_keyword(keyword):
+        DynamicKeyword.objects.filter(keyword=keyword).delete()
+    
+    @staticmethod
+    def clear_all():
+        DynamicKeyword.objects.all().delete()

aiwaf/trainer.py

@@ -14,6 +14,7 @@ from django.conf import settings
 from django.apps import apps
 from django.db.models import F
 from .utils import is_exempt_path
+from .storage import get_blacklist_store, get_exemption_store, get_keyword_store
 
 # ─────────── Configuration ───────────
 LOG_PATH   = settings.AIWAF_ACCESS_LOG
@@ -28,11 +29,6 @@ _LOG_RX = re.compile(
 )
 
 
-BlacklistEntry = apps.get_model("aiwaf", "BlacklistEntry")
-DynamicKeyword = apps.get_model("aiwaf", "DynamicKeyword")
-IPExemption = apps.get_model("aiwaf", "IPExemption")
-
-
 def path_exists_in_django(path: str) -> bool:
     from django.urls import get_resolver
     from django.urls.resolvers import URLResolver
@@ -54,13 +50,17 @@ def path_exists_in_django(path: str) -> bool:
 
 
 def remove_exempt_keywords() -> None:
+    keyword_store = get_keyword_store()
     exempt_tokens = set()
+    
     for path in getattr(settings, "AIWAF_EXEMPT_PATHS", []):
         for seg in re.split(r"\W+", path.strip("/").lower()):
             if len(seg) > 3:
                 exempt_tokens.add(seg)
-    if exempt_tokens:
-        DynamicKeyword.objects.filter(keyword__in=exempt_tokens).delete()
+    
+    # Remove exempt tokens from keyword storage
+    for token in exempt_tokens:
+        keyword_store.remove_keyword(token)
 
 
 def _read_all_logs() -> list[str]:
@@ -98,10 +98,15 @@ def _parse(line: str) -> dict | None:
 
 def train() -> None:
     remove_exempt_keywords()
-    # Remove any IPs in IPExemption from the blacklist
-    exempt_ips = set(IPExemption.objects.values_list("ip_address", flat=True))
-    if exempt_ips:
-        BlacklistEntry.objects.filter(ip_address__in=exempt_ips).delete()
+    
+    # Remove any IPs in IPExemption from the blacklist using storage system
+    exemption_store = get_exemption_store()
+    blacklist_store = get_blacklist_store()
+    
+    exempted_ips = [entry['ip_address'] for entry in exemption_store.get_all()]
+    for ip in exempted_ips:
+        blacklist_store.remove_ip(ip)
+    
     raw_lines = _read_all_logs()
     if not raw_lines:
         print("No log lines found – check AIWAF_ACCESS_LOG setting.")
@@ -133,10 +138,8 @@ def train() -> None:
             
             # Don't block if majority of 404s are on login paths
             if count > login_404s:  # More non-login 404s than login 404s
-                BlacklistEntry.objects.get_or_create(
-                    ip_address=ip,
-                    defaults={"reason": f"Excessive 404s (≥6 non-login, {count}/{total_404s})"}
-                )
+                blacklist_store = get_blacklist_store()
+                blacklist_store.add_ip(ip, f"Excessive 404s (≥6 non-login, {count}/{total_404s})")
 
     feature_dicts = []
     for r in parsed:
@@ -187,10 +190,13 @@ def train() -> None:
     if anomalous_ips:
         print(f"⚠️  Detected {len(anomalous_ips)} potentially anomalous IPs during training")
         
+        exemption_store = get_exemption_store()
+        blacklist_store = get_blacklist_store()
         blocked_count = 0
+        
         for ip in anomalous_ips:
             # Skip if IP is exempted
-            if IPExemption.objects.filter(ip_address=ip).exists():
+            if exemption_store.is_exempted(ip):
                 continue
             
             # Get this IP's behavior from the data
@@ -213,10 +219,7 @@ def train() -> None:
                 continue
             
             # Block if it shows clear signs of malicious behavior
-            BlacklistEntry.objects.get_or_create(
-                ip_address=ip,
-                defaults={"reason": f"AI anomaly + suspicious patterns (kw:{avg_kw_hits:.1f}, 404s:{max_404s}, burst:{avg_burst:.1f})"}
-            )
+            blacklist_store.add_ip(ip, f"AI anomaly + suspicious patterns (kw:{avg_kw_hits:.1f}, 404s:{max_404s}, burst:{avg_burst:.1f})")
             blocked_count += 1
             print(f"   - {ip}: Blocked for suspicious behavior (kw:{avg_kw_hits:.1f}, 404s:{max_404s}, burst:{avg_burst:.1f})")
         
@@ -230,8 +233,10 @@ def train() -> None:
                 if len(seg) > 3 and seg not in STATIC_KW:
                     tokens[seg] += 1
 
-    for kw, cnt in tokens.most_common(10):
-        obj, _ = DynamicKeyword.objects.get_or_create(keyword=kw)
-        DynamicKeyword.objects.filter(pk=obj.pk).update(count=F("count") + cnt)
+    keyword_store = get_keyword_store()
+    top_tokens = tokens.most_common(10)
+    
+    for kw, cnt in top_tokens:
+        keyword_store.add_keyword(kw, cnt)
 
-    print(f"DynamicKeyword DB updated with top tokens: {[kw for kw, _ in tokens.most_common(10)]}")
+    print(f"DynamicKeyword storage updated with top tokens: {[kw for kw, _ in top_tokens]}")

aiwaf/utils.py

@@ -4,7 +4,7 @@ import glob
 import gzip
 from datetime import datetime
 from django.conf import settings
-from .models import IPExemption
+from .storage import get_exemption_store
 
 _LOG_RX = re.compile(
     r'(\d+\.\d+\.\d+\.\d+).*\[(.*?)\].*"(GET|POST) (.*?) HTTP/.*?" (\d{3}).*?"(.*?)" "(.*?)"'
@@ -53,7 +53,8 @@ def parse_log_line(line):
 
 def is_ip_exempted(ip):
     """Check if IP is in exemption list"""
-    return IPExemption.objects.filter(ip_address=ip).exists()
+    store = get_exemption_store()
+    return store.is_exempted(ip)
 
 def is_view_exempt(request):
     """Check if the current view is marked as AI-WAF exempt"""

{aiwaf-0.1.8.6.dist-info → aiwaf-0.1.8.7.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aiwaf
-Version: 0.1.8.6
+Version: 0.1.8.7
 Summary: AI-powered Web Application Firewall
 Home-page: https://github.com/aayushgauba/aiwaf
 Author: Aayush Gauba
@@ -188,6 +188,31 @@ AIWAF_ACCESS_LOG = "/var/log/nginx/access.log"
 
 ---
 
+### Storage Configuration
+
+**Choose storage backend:**
+
+```python
+# Use Django models (default) - requires database tables
+AIWAF_STORAGE_MODE = "models"
+
+# OR use CSV files - no database required
+AIWAF_STORAGE_MODE = "csv"
+AIWAF_CSV_DATA_DIR = "aiwaf_data"  # Directory for CSV files
+```
+
+**CSV Mode Features:**
+- No database migrations required
+- Files stored in `aiwaf_data/` directory:
+  - `blacklist.csv` - Blocked IP addresses
+  - `exemptions.csv` - Exempt IP addresses  
+  - `keywords.csv` - Dynamic keywords
+  - `access_samples.csv` - Feature samples for ML training
+- Perfect for lightweight deployments or when you prefer file-based storage
+- Management commands work identically in both modes
+
+---
+
 ### Optional (defaults shown)
 
 ```python

{aiwaf-0.1.8.6.dist-info → aiwaf-0.1.8.7.dist-info}/RECORD

@@ -1,22 +1,22 @@
 aiwaf/__init__.py,sha256=nQFpJ1YpX48snzLjEQCf8zD2YNh8v0b_kPTrXx8uBYc,46
 aiwaf/apps.py,sha256=nCez-Ptlv2kaEk5HenA8b1pATz1VfhrHP1344gwcY1A,142
-aiwaf/blacklist_manager.py,sha256=sM6uTH7zD6MOPGb0kzqV2aFut2vxKgft_UVeRJr7klw,392
+aiwaf/blacklist_manager.py,sha256=92ltIrFfv8WOC4CXwvNVZYfivkRZHGNg3E2QAbHQipQ,550
 aiwaf/decorators.py,sha256=IUKOdM_gdroffImRZep1g1wT6gNqD10zGwcp28hsJCs,825
-aiwaf/middleware.py,sha256=eMad-wvQWALkH2nIhjssU9Y-AqFleP3Gm0lRu3qE0Bw,9679
+aiwaf/middleware.py,sha256=1JPrc0npI_a5bnB-thN0ME1ehfTbWBl1j9wTndZwRdQ,9505
 aiwaf/models.py,sha256=XaG1pd_oZu3y-fw66u4wblGlWcUY9gvsTNKGD0kQk7Y,1672
-aiwaf/storage.py,sha256=bxCILzzvA1-q6nwclRE8WrfoRhe25H4VrsQDf0hl_lY,1903
-aiwaf/trainer.py,sha256=R00q_QQ1o2UmdIWMWNh847BGBrnI6j-hfjNalojfnhU,8494
-aiwaf/utils.py,sha256=s-rtUrWQFVv-nuGxe2hz5-LLvB6TbZXKj6do46DwrkA,3376
+aiwaf/storage.py,sha256=Z0KWArfLmOHnvUcL5aVx8W_aHMr-qoEW8FVGrM23BvA,11639
+aiwaf/trainer.py,sha256=qzQOtMW0_OA5JWWh6Znbc5BG3gcQ6Cb_NNWMOgLf3VQ,8487
+aiwaf/utils.py,sha256=BJk5vJCYdGPl_4QQiknjhCbkzv5HZCXgFcBJDMJpHok,3390
 aiwaf/management/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 aiwaf/management/commands/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-aiwaf/management/commands/add_ipexemption.py,sha256=LWN21_ydqSjU3_hUnkou4Ciyrk_479zLvcKdWm8hkC0,988
-aiwaf/management/commands/aiwaf_reset.py,sha256=dUTYX6Z6_X3Ft3lqF_McXE7OdKADlQFGFWvjdvFVZFI,3245
+aiwaf/management/commands/add_ipexemption.py,sha256=srgdVPDJtF7G9GGIqaZ7L3qTuNheoS_uwlhlRO4W2bc,945
+aiwaf/management/commands/aiwaf_reset.py,sha256=0FIBqpZS8xgFFvAKJ-0zAC_-QNQwRkOHpXb8N-OdFr8,3740
 aiwaf/management/commands/detect_and_train.py,sha256=-o-LZ7QZ5GeJPCekryox1DGXKMmFEkwwrcDsiM166K0,269
 aiwaf/resources/model.pkl,sha256=5t6h9BX8yoh2xct85MXOO60jdlWyg1APskUOW0jZE1Y,1288265
 aiwaf/templatetags/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 aiwaf/templatetags/aiwaf_tags.py,sha256=XXfb7Tl4DjU3Sc40GbqdaqOEtKTUKELBEk58u83wBNw,357
-aiwaf-0.1.8.6.dist-info/licenses/LICENSE,sha256=Ir8PX4dxgAcdB0wqNPIkw84fzIIRKE75NoUil9RX0QU,1069
-aiwaf-0.1.8.6.dist-info/METADATA,sha256=s6gux1GQJsbvphRXyVkVPm63_bVWIXcJcagWtBSlgpE,7955
-aiwaf-0.1.8.6.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-aiwaf-0.1.8.6.dist-info/top_level.txt,sha256=kU6EyjobT6UPCxuWpI_BvcHDG0I2tMgKaPlWzVxe2xI,6
-aiwaf-0.1.8.6.dist-info/RECORD,,
+aiwaf-0.1.8.7.dist-info/licenses/LICENSE,sha256=Ir8PX4dxgAcdB0wqNPIkw84fzIIRKE75NoUil9RX0QU,1069
+aiwaf-0.1.8.7.dist-info/METADATA,sha256=qAIF4-sV_Br3BPp6Ivn3fXzY9uWvdtMco1zXBlkKkW0,8664
+aiwaf-0.1.8.7.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+aiwaf-0.1.8.7.dist-info/top_level.txt,sha256=kU6EyjobT6UPCxuWpI_BvcHDG0I2tMgKaPlWzVxe2xI,6
+aiwaf-0.1.8.7.dist-info/RECORD,,