Introduction
SeIn this article we'll have a look at WAF based on Apache/ModSecurity/OWASP CRS/ProjectHoneyPot stack.
But first things first - what is WAF ?
First and foremost - the firewall with functions different to those of typical NGFW. Web Application Firewalls are built to protect critical Web applications and, regardless of vendor, typically include the following feature set.
- Traffic analysis allowing to setup proper filtration policy at the APP OSI Layer
- OWASP filtering (protection against XSS, SQL injects, HTTP headers analysis, protection against Zero Day vulnerabilities etc)
- Bot defense
- Some vendors add typical NGFW feature set on top. Here we can get sandboxing, IPS, malware protection, app signatures etc
- Some WAFs can also operate as ADC
Let's begin and see what we can do with an Open Source stack