Web Application Firewall (WAF) systems play a vital role in protecting web applications from various security vulnerabilities. However, existing WAF solutions are often costly and complex to configure, limiting their accessibility to smaller organizations. This paper aims to develop an affordable and user-friendly WAF framework that mitigates the most common security vulnerabilities identified in the Open Web Application Security Project (OWASP) Top 10. The proposed WAF framework provides protection against attacks such as Cross-Site Scripting (XSS), Structured Query Language Injection (SQLi), Operating System (OS) Command Injection, File Upload, Denial of Service (DoS), Cross Site Request Forgery (CSRF), Path Traversal, and XML External Entity (XXE) attacks. The framework offers an easy-to-use interface with features for easy configuration of mitigation settings. Users can monitor web traffic and receive real-time alerts to quickly identify and respond to potential security threats. Proxy techniques are used to intercept and handle user requests, sanitizing them using the mitigation techniques to prevent the inclusion of malicious code or unauthorized data. Additionally, two machine learning models were implemented. The first model detects malicious requests, and the second model classifies attacks based on their type. Mitigation techniques are employed to filter requests and prevent specific attack types. Regular expressions (Regex) are used to remove malicious code related to XSS, SQL injection, OS Command Injection, File Upload, CSRF, XXE, and Path Traversal attacks. Rate limiting is implemented to mitigate DoS attacks.