WAF (Web Application Firewall)

Cloud Web Application Firewalls


Cloudflare’s enterprise-class web application firewall protects your Internet property from common vulnerabilities like SQL injection attacks, cross-site scripting, and cross-site forgery requests with no changes to your existing infrastructure.

Read more – https://www.cloudflare.com/


AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. Amazon Web Services web application firewall gives you control over which traffic to allow or block to your web applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that are designed for your specific application. New rules can be deployed within minutes, letting you respond quickly to changing traffic patterns. Also, AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules.

Read more – https://aws.amazon.com/

Kona Web Application Firewall (Akamai)

Kona Web Application Firewall from Akamai offers effective protection against web application attacks. Globally-distributed across the Akamai Intelligent Platform™, Kona WAF can easily scale to defend against massive application attacks. Deployed at the edge of your network rather than in a data center, Kona WAF can identify and mitigate suspicious traffic without affecting performance or availability of the origin server. Security rules for Kona WAF are continuously refined by Akamai’s Threat Intelligence Team to protect against known attacks and respond to emerging threats.

Read more – https://www.akamai.com/

Web Application Firewalls


The OWASP ModSecurity CRS Project’s goal is to provide an easily “pluggable” set of generic attack detection rules that provide a base level of protection for any web application. The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts.

Read more – https://www.owasp.org/

Comodo Web Application Firewall

Your web applications must be effectively protected against attack at all times. Comodo Web Application Firewall (CWAF) provides powerful, real-time protection for web applications and websites running on Apache, LiteSpeed and Nginx on Linux. CWAF supports ModSecurity rules, providing advanced filtering, security and intrusion protection.

Read more – https://www.comodo.com/


Trustwave provides a commercial certified rule set for ModSecurity® 2.9.X that protects against known attacks that target vulnerabilities in public software.

Trustwave is the primary custodian of ModSecurity, the most widely deployed Web application firewall in the world with more than 1,000,000 deployments.

Read more: https://www.trustwave.com/

Malware Expert

malware expert
ModSecurity rules from Malware Expert are based on intelligence gathered from real-world investigations, penetration tests and research data in the REAL LIFE environment of over 10 000 domains. These rules are developed over ten years with the help of real traffic to websites.

Web applications must be effectively protected against malware, botnet and hacker attacks at all times. Malware Expert ModSecurity rules provide powerful, real-time protection for web applications and websites running on Apache, Nginx on Linux Servers. Our rules, provide advanced filtering, security and intrusion protection for PHP applications.

Just install ModSecurity, setup Malware Expert’s rules, and automatic background updates is an effort to promote better security for your services and shared web hosting servers.

Read more our – ModSecurity rules