It's Jon from Beyond GTA Inc., and today we are looking at Cloudflare, a leading WAF provider. Credit goes to Ohara who originally wrote this article at our Japan headquarters.
Cloudflare WAF (Web Application Firewall) is an advanced application security platform.
Cloudflare's powerful application security capabilities are integrated with other leading application performance portfolios and, like the Cloudflare CDN foundation, are delivered from global cloud platforms around the world.
Cloudflare WAF main features
Cloudflare WAF is delivered from a global edge network spanning more than 250 cities in over 100 countries with unlimited instant scaling.
Several WAF rule sets are used to block malicious payloads in the request component.
WAF ML (machine learning-based detection)
WAF custom rules leverage attack scores generated by ML to stop bypasses, attack variations, and anomalies.
Zero-day protection rule updates
Rules are continuously updated by the Cloudflare security team to protect against new attacks and zero-day vulnerabilities before patches and updates become available.
Platform-specific rule sets for major CMS and e-commerce platforms
Protect platforms such as WordPress, Joomla, Drupal, Magneto, IIS, etc. at no additional charge.
Custom Rule Configurations
When expanding a rule or rule set, choose from BLOCK / LOG / CHALLENGE / CAPTCHA / RATE LIMIT and other options.
Advanced rate limitation
Rate-limit individual IP addresses or block abuse, DDoS, and brute force attacks targeting applications and APIs by header, ASN, or country.
IP Reputation Database
Blocks connections from malicious IPs using real-time intelligence of over 1 billion unique IP addresses.
Data loss prevention
Blocks responses containing sensitive data such as personally identifiable information or secrets such as financial information, credit card numbers, API keys, etc.
Detect brute force attacks with stolen credentials before public credential check end-user accounts are hijacked.
Fully mitigate and configure SSL traffic for your application.
Fewer false positives
Rules tested with high volumes of traffic to minimize false positives.
Support for gRPC and Websocket
Proxy and protect traffic for gRPC and Websocket endpoints.
Customizable block pages
Customize block pages to suit your site visitors.
Cloudflare WAF is a service that is combined with the Cloudflare CDN itself, enabling default WAF features with a simple click from the console. The Cloudflare WAF features listed above are just a few examples, and the Enterprise version of Cloudflare offers even more flexible and customizable features.