Posts

[WAF] Introduction of Cloudflare WAF


It's Jon from Beyond GTA Inc., and today we are looking at Cloudflare, a leading WAF provider. Credit goes to Ohara who originally wrote this article at our Japan headquarters.


About Cloudflare

Cloudflare WAF (Web Application Firewall) is an advanced application security platform.


Cloudflare's powerful application security capabilities are integrated with other leading application performance portfolios and, like the Cloudflare CDN foundation, are delivered from global cloud platforms around the world.


Cloudflare WAF main features

Cloudflare WAF is delivered from a global edge network spanning more than 250 cities in over 100 countries with unlimited instant scaling.


Security features

Key features

Several WAF rule sets are used to block malicious payloads in the request component.

  • Rules managed by Cloudflare

  • Third-party rule sets (OWASP Top 10)

  • Custom rule sets to thwart attacks

WAF ML (machine learning-based detection)

​WAF custom rules leverage attack scores generated by ML to stop bypasses, attack variations, and anomalies.

Zero-day protection rule updates

Rules are continuously updated by the Cloudflare security team to protect against new attacks and zero-day vulnerabilities before patches and updates become available.

Platform-specific rule sets for major CMS and e-commerce platforms

Protect platforms such as WordPress, Joomla, Drupal, Magneto, IIS, etc. at no additional charge.

Custom Rule Configurations

When expanding a rule or rule set, choose from BLOCK / LOG / CHALLENGE / CAPTCHA / RATE LIMIT and other options.

Advanced rate limitation

Rate-limit individual IP addresses or block abuse, DDoS, and brute force attacks targeting applications and APIs by header, ASN, or country.

IP Reputation Database

Blocks connections from malicious IPs using real-time intelligence of over 1 billion unique IP addresses.

Data loss prevention

Blocks responses containing sensitive data such as personally identifiable information or secrets such as financial information, credit card numbers, API keys, etc.

Detect brute force attacks with stolen credentials before public credential check end-user accounts are hijacked.

SSL/TLS

Fully mitigate and configure SSL traffic for your application.

Fewer false positives

Rules tested with high volumes of traffic to minimize false positives.

Support for gRPC and Websocket

Proxy and protect traffic for gRPC and Websocket endpoints.

Customizable block pages

Customize block pages to suit your site visitors.


Summary

Cloudflare WAF is a service that is combined with the Cloudflare CDN itself, enabling default WAF features with a simple click from the console. The Cloudflare WAF features listed above are just a few examples, and the Enterprise version of Cloudflare offers even more flexible and customizable features.