Skip to main content

Introduction

SeIn this article we'll have a look at WAF based on Apache/ModSecurity/OWASP CRS/ProjectHoneyPot stack.

But first things first - what is WAF ?

First and foremost - the firewall with functions different to those of typical NGFW. Web Application Firewalls are built to protect critical Web applications and, regardless of vendor, typically include the following feature set.

  • Traffic analysis allowing to setup proper filtration policy at the APP OSI Layer
  • OWASP filtering (protection against XSS, SQL injects, HTTP headers analysis, protection against Zero Day vulnerabilities etc)
  • Bot defense
  • Some vendors add typical NGFW feature set on top. Here we can get sandboxing, IPS, malware protection, app signatures etc
  • Some WAFs can also operate as ADC

Let's begin and see what we can do with an Open Source stack