Varnish WAF


Varnish 6.0


Varnish WAF is an advanced web application firewall built using the popular ModSecurity library. Varnish WAF allows all traffic to be inspected by ModSecurity and is configurable using VCL. By leveraging the power of VCL and the high-performance nature of Varnish, Varnish WAF is a convenient, efficient and powerful tool to help secure an IT infrastructure.

Varnish WAF determines the risk of a request and can either allow or deny that request. The main goal of Varnish WAF is to keep a backend safe from unsafe and malicious traffic. Varnish WAF covers all of the OWASP Top 10, plus much more.

Varnish WAF supports all ModSecurity features and the full ModSecurity rule set, including the complete OWASP CRS.


The Open Web Application Security Project (OWASP) is a community that produces information and tools in the field of web application security. OWASP produces the Core Rule Set (CRS). The CRS is a set of generic attack detection rules for use with ModSecurity. The CRS aims to protect web applications from a wide range of attacks, including the OWASP Top 10, with minimal false alerts.

The Core Rule Set provides protection against many common attack categories, including:

  • SQL Injection (SQLi)
  • Cross-Site Scripting (XSS)
  • Local File Inclusion (LFI)
  • Remote File Inclusion (RFI)
  • Remote Code Execution (RCE)
  • PHP Code Injection
  • HTTP Protocol Violations
  • HTTPoxy
  • Shellshock
  • Session Fixation
  • Scanner Detection
  • Metadata/Error Leakages
  • Project Honey Pot Blacklist
  • GeoIP Country Blocking