WAF

WordPress Pingback Attacks and our WAF

March 11, 2014

At CloudFlare a lot of our customers use WordPress, that's why we have our own plugin, we hang out at WordCamp and we wrote a WordPress specific ruleset for our Web Application Firewall....

Simon Moore

Protect Your Sites With Rapidly Deployed WAF Rules

January 21, 2014

WAF Rules Tech Talks WAF Deep Dive

An attack on your site could be catastrophic. Even a small attack can have major implications. Responding quickly to an attack is imperative. ...

John Graham-Cumming

Patching a WHMCS zero day on day zero

October 03, 2013

Vulnerabilities DDoS WAF

A critical zero-day vulnerability was published today affecting any hosting provider using WHMCS. As part of building a safer web, CloudFlare has added a ruleset to our Web Application Firewall (WAF) ...

Dane Knecht

CloudFlare's new WAF: compiling to Lua

August 23, 2013

NGINX WAF Reliability

We use nginx throughout our network for front-line web serving, proxying and traffic filtering. In some cases, we've augmented the core C code of nginx with our own modules, but recently we've made a major move to using Lua in conjunction with nginx. One project that's now almost entirely written in Lua is the new CloudFlare WAF that we blogged about the other day. The Lua WAF uses the nginx Lua module to embed Lua code and execute that code as part of the normal nginx handling of phases....

John Graham-Cumming

Heuristics and Rules: Why We Built a New Old WAF

August 19, 2013

Reliability WAF

We just rolled out an update to CloudFlare's Web Application Firewall (WAF). Previously, CloudFlare's WAF has received criticism from people who have tested it and found that it didn't behave as traditional WAFs are expected to. ...

Matthew Prince

← Newer Posts