Lately, one of the popular CDN providers, ‘Cloudflare’, made an announcement on its blog post regarding the free offering of Web Application Firewall (WAF).
Additionally, Free Cloudflare WAF comes along with a managed ruleset that helps organizations secure their applications against major threats.
Cloudflare Web Application Firewall monitors the incoming internet traffic and blocks any malicious web traffic. The firewall utilizes a ruleset which is basically a collection of patterns and signals that help find the malicious traffic and filter them out.
The managed ruleset is designed in such a way that it helps in blocking some of several common vulnerability attacks.
The CDN provider explains that its free managed ruleset is crafted to offer protection against high and wide impacting vulnerabilities. And can be safely deployed on a majority of the applications.
Note: There is no need to deploy the current Managed Ruleset if you have already deployed managed ruleset for your website.
The ruleset will be available to all the free zone plan users in the upcoming months. The users then can access the dashboard and configure the ruleset according to their needs. Furthermore, the ruleset contains some of the mitigation rules for most common vulnerabilities.
Though Cloudflare is offering WAF with free plans, Cloudflare users need to subscribe to PRO or higher plans to access an extensive set of WAF ruleset and advanced WAF features.
At the moment, the ruleset comprises the following rules; Rules against the Log4J Vulnerability, matching payloads in the URL and HTTP headers, Shellshock Vulnerability rules, and the Rules matching the most common WordPress exploits.
Last but not the least, Cloudflare has mentioned updating the Cloudflare Free Managed Ruleset update by the company in the cases where a relevant wide-ranging vulnerability is found.
Are you looking for more security updates? Subscribe to our Newsletter for the latest security news updates.