It's Jon from Beyond GTA Inc., and today we are looking at Cloudflare, a leading WAF provider. Credit goes to Ohara who originally wrote this article at our Japan headquarters.
About Cloudflare
Cloudflare WAF (Web Application Firewall) is an advanced application security platform.
Cloudflare's powerful application security capabilities are integrated with its other leading application performance products and, like the underlying Cloudflare CDN, are delivered from a global cloud platform.
Cloudflare WAF main features
Cloudflare WAF is delivered from a global edge network spanning more than 250 cities in over 100 countries with unlimited instant scaling.
Security features | Key features |
Several WAF rule sets are used to block malicious payloads in the request component. |
WAF ML (machine learning-based detection) | WAF custom rules leverage attack scores generated by ML to stop bypasses, attack variations, and anomalies. |
Zero-day protection rule updates | Rules are continuously updated by the Cloudflare security team to protect against new attacks and zero-day vulnerabilities before patches and updates become available. |
Platform-specific rule sets for major CMS and e-commerce platforms | Protect platforms such as WordPress, Joomla, Drupal, Magento, IIS, etc. at no additional charge. |
Custom Rule Configurations | When expanding a rule or rule set, choose from BLOCK / LOG / CHALLENGE / CAPTCHA / RATE LIMIT and other options. |
Advanced rate limiting | Rate-limit individual IP addresses, or block abuse, DDoS, and brute force attacks targeting applications and APIs by header, ASN, or country. |
IP Reputation Database | Blocks connections from malicious IPs using real-time intelligence of over 1 billion unique IP addresses. |
Data loss prevention | Blocks responses containing sensitive data such as personally identifiable information, or secrets such as financial information, credit card numbers, API keys, etc. Public credential check: detects brute force attacks with stolen credentials before end-user accounts are hijacked. |
SSL/TLS | Fully mitigate and configure SSL traffic for your application. |
Fewer false positives | Rules tested with high volumes of traffic to minimize false positives. |
Support for gRPC and WebSocket | Proxy and protect traffic for gRPC and WebSocket endpoints. |
Customizable block pages | Customize block pages to suit your site visitors. |
Summary
Cloudflare WAF is integrated with the Cloudflare CDN itself, so the default WAF features can be enabled with a single click from the console. The Cloudflare WAF features listed above are just a few examples, and the Enterprise version of Cloudflare offers even more flexible and customizable features.