mac-chaffee | 8 months ago

I'd generally confirm that suspicion: https://www.macchaffee.com/blog/2023/wafs/

WAFs have a few valid uses in my opinion: "virtual patching" and the ability to create custom rules such as blocking/challenging/rate limiting obviously bad traffic. But the giant rulesets are actively harmful IMO. "Defense in depth" is not a valid justification for doing something actively harmful to both your users and the time budget of your security team.

ivanr | 8 months ago

+1 Absolutely. (Source: Original author of ModSecurity.)

mmarian | 8 months ago

Just wanted to say that it's a great blog post, thanks for writing it!