Bastian 🦊

I am scared of all the attacks i see towards our site

Add a WAF?

I'm scared it could block traffic that is legitimate

Mar 13, 2024 at 3:10pmWeb
Show threadLennart KoopmannMar 13, 2024
@dasrecht are the attacks somewhat targeted or just scanning or opportunistically attempting exploiting?
Show threadBastian 🦊Mar 13, 2024
@_lennart both :) getting rid of all the automated scanning traffic usually shows a clearer picture. but i've also seen more targeted attacks
Show threadLennart KoopmannMar 13, 2024
@dasrecht Cloudflare may be worth a look for the lowest effort approach
Show threadBastian 🦊Mar 13, 2024
@_lennart hah way past that :) running some bigger things and never got happy with their offering. Managing SignalSciences and Fastly at work and it works very well - its just not in every customers mindset that they might benefit from it
Show threadFabianMar 13, 2024
@dasrecht was also always skeptical of WAFs - but been running AWS WAF for a few years now and we never really had any issues with it blocking the wrong thing.
Show threadBastian 🦊Mar 13, 2024
@euklid same - i had to deal with a lot of bad products in the past. there's the chance of limited impact but that's usually fixed quickly.