Introduction

Varnish WAF is an advanced web application firewall built using the popular ModSecurity library. It allows for all traffic to be inspected by ModSecurity and it is configurable using VCL. By leveraging the power of VCL and the high performance nature of Varnish, Varnish WAF is a convenient, efficient, and powerful tool for helping to secure an IT infrastructure.

Varnish WAF determines the risk of a request and can either allow or deny it. The main goal is to keep a backend safe from unsafe and malicious traffic. Varnish WAF supports all of the OWASP Top 10 and much more.

Varnish WAF supports ModSecurity features and the full ModSecurity rule set, including the complete OWASP CRS.

OWASP CRS

The Open Web Application Security Project (OWASP) is a community that produces information and tools in the field of web application security. OWASP produces the Core Rule Set (CRS). The CRS is a set of generic attack detection rules for use with ModSecurity. It aims to protect web applications from a wide range of attacks, including the OWASP Top 10, with minimal false alerts.

The Core Rule Set provides protection against many common attack categories, including:

• SQL Injection (SQLi)
• Cross Site Scripting (XSS)
• Local File Inclusion (LFI)
• Remote File Inclusion (RFI)
• Remote Code Execution (RCE)
• PHP Code Injection
• HTTP Protocol Violations
• HTTPoxy
• Shellshock
• Session Fixation
• Scanner Detection
• Metadata/Error Leakages
• Project Honey Pot Blacklist
• GeoIP Country Blocking