A web application firewall (WAF) is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. The rules cover common attacks such as cross-site scripting (XSS) and SQL injection, and they can be customized to your application so that many attacks can be identified and blocked.

Scaling CloudFlare’s Massive WAF

CloudFlare wants to provide a WAF to a very large number of customers. To do so meant two things: being compatible with the existing mod_security WAF so that we could leverage existing rulesets and allow people familiar with mod_security (both CloudFlare people and customers) to write new rules.