Skip to main content
Back to all posts

WAF

Protect your web applications from threats like SQL Injection and XSS using our integrated Web Application Firewall. Learn how to configure the OWASP Core Rule Set, train your WAF, and leverage this crucial layer of defense for security and PCI compliance.

Latest post

Finally, a simple way to convert MaxMind GeoIP Database files to the legacy DAT format!

Extending ModSecurity: How to add completely custom WAF functionality

In this example, I’m going to add a new transformation function to ModSecurity to calculate the Scrabble score of a variable. This will allow us to block HTTP requests containing query string parameters with a Scrabble score above a chosen threshold...

WAF Open source Security

Darktrace: When looks aren't everything

An engineer at a business using Darktrace, confessed that many IT staff ignored the pricey security software because it sent so many false alerts...

WAF Security

Load Balancing Web Servers with OWASP Top 10 WAF in Azure

In the Azure Management Portal, select the Virtual Machines option, click on the newly deployed Load Balancer VM, click on Network interfaces and then select the network interface attached to the load balancer, then click IP configurations and ensure that IP forwarding is Enabled...

Application Management WAF AWS / Azure / GCP

Security through obscurity - double login protection made easy...

Security through obscurity is not a great idea when it is your ONLY protection technique. For example moving your SSH port from 22 -> 23 won't fool any hackers for long! However, I've always liked putting a 'double login' in front of important web sites to frustrate simple automated hacking tools...

Security How-tos WAF