Hey everyone !
I’m looking into spinning up a WAF as the number of services I’m hosting is slowly growing. I want to have a better understanding of the traffic and also have a relative peace of mind that if there is a flaw in one of the services I’m hosting, the WAF could help mitigate it.
I’ve seen two big names come up while searching :
- SafeLine
- BunkerWeb
They are popular and look quite good all around but I don’t want to just mindlessly take the project with the most GitHub stars.
What WAF are you using / have you used ? Which ones do you recommand ?
I ended up going with Crowdsec.
The setup was a bit of a challenge as I like to do it the RTFM way abd that there is a bunch of concepts to grasp before you really understand what you are doing, but since then it’s been working pretty great ! And it’s free (as in you are providing them with data on the occurence of threats etc, so you don’t pay)