18,000+ security teams trust SafeLine WAF to block SQLi, XSS, RCE & zero-day threats. Self-hosted for full GDPR control—your data, your rules. 5% off via our link. #WAF #WebSecurity #OpenSource #Cybersecurity

https://www.valtersit.com/deals/safeline/

The third paper in this session was Akhavani et al.'s "WAFFLED: Exploiting Parsing Discrepancies to Bypass Web Application Firewalls," which uncovers 1207 #WAF bypasses via parsing flaws. (https://www.acsac.org/2025/program/final/s278.html) 4/6
#WebApplicationFirewall #WebSecurity

If you're using traefik on Kubernetes, what free WAF are you using? Debating on if I should just stick with mod security or switch to something else.

#WAF #traefik #kubernetes

What if your load balancer could stop attacks before they reach your application?

Learn how Google Cloud Service Extensions and Fastly's Next-Gen WAF deliver real-time threat protection directly in the load balancing pipeline—without sacrificing performance.

🔒 Block malicious traffic earlier
⚡ Maintain low latency
📈 Scale with GKE

Read more: https://www.fastly.com/blog/deploying-fastly-next-gen-waf-google-cloud-service-extensions-secure-traffic

#GoogleCloud #CloudSecurity #WAF #Kubernetes #DevSecOps

Guy scanning my site thinks it's #spring . I'll be honest, I'd rather kill myself than to use #java . I guess new rules for the #waf ?

#golang

I try to be friendly to "AI" search web crawlers but I'm on (pretty good, but nevertheless) shared hosting and "Claude-SearchBot" has been hammering my site with ~12000 requests now, in intervals between 1-4 seconds. Inevitably, it ended up on the blocklist because of the excessive resource consumption.

And that's exactly ONE day after "Amzn-SearchBot" ended on the blocklist, for the exact same reason. Fucking idiots.

GoogleBot and BingBot have such a light footprint by comparison, IDK how it can be so hard for the companies that claim to have SUCH "intelligence" at their hands to not make that better. Instead, they just show their glaring ignorance and incompetence.

(not that I'd expect that their "search" results would bring much traffic to my site anyway... so I guess blocking them isn't a big loss in the end. 🤷🏻‍♂️)

#Webmastering #Website #AI #Claude #Amazon #Hosting #Firewall #WAF

OWASP CRS is powerful.
But static rules alone can’t keep up with evolving attacks.
Combine it with CrowdSec’s real-time threat intelligence for stronger protection 👇

https://www.crowdsec.net/blog/protecting-your-web-applications-with-owasp-crs-and-crowdsec

#WAF #CyberSecurity #DevSecOps

X-Real-IP, X-Forwarded-For and the WAF whitelist: breaking down a dangerous misconfiguration

Hello, Habr. My name is Askar Dobryakov, lead expert in data and application protection at

https://habr.com/ru/companies/k2tech/articles/1045012/

#WAF #reverse_proxy #nginx #HAProxy #XForwardedFor #XRealIP #misconfiguration #WAF_bypass #information_security #websecurity

Hello, Habr. My name is Askar Dobryakov, lead expert in data and application protection at K2 Cybersecurity; I work on WAFs and reverse-proxy chains. In one of our recent projects we...

WAF: wrong approach firewall - why the common negative security model is wrong, why the positive model is superior and how you can implement it with #vinylcache. talk at #gpn24

https://media.ccc.de/v/gpn24-385-waf-wrong-approach-firewall

#vinylcache #gpn24 #waf #webapplicationfirewall

Security Tip: When a zero-day or critical CVE hits, the race to patch begins. 🛡️ If an immediate reboot isn't possible, use virtual patching. By deploying targeted WAF rules or IPS signatures, you can block exploit attempts at the network edge while your team prepares the permanent fix. Stay informed on the latest threats at https://cvedatabase.com #CyberSecurity #InfoSec #PatchManagement #CVE #WAF