I would prefer to keep this in front of HAProxy. So that any request comes first it will pass through he WAF standard rules and then it will come inside.
Could you please help me with some more documentation, configuration about this. How would I achieve it. On Thu, May 10, 2018 at 12:14 AM, Malcolm Turnbull <[email protected] > wrote: > Dhaval, > > As far as I'm concerned almost everyone on the planet uses mod_security... > But most use it with apache & some use it with Nginx... > So you can either put it on all of your web servers... > Or Put it in-front of HAProxy... > Or make an HAProxy[1] sandwich (which is what we do at Loadbalancer.org[2]) > > [1] https://www.haproxy.com/blog/scalable-waf-protection-with- > haproxy-and-apache-with-modsecurity/ > [2] https://www.loadbalancer.org/blog/blocking-invalid-range- > headers-using-modsecurity-and-haproxy-ms15-034-cve-2015-1635/ > > > Malcolm Turnbull > > Loadbalancer.org Ltd. > > www.loadbalancer.org > > +44 (0)330 380 1064 > [email protected] > > > > > On 9 May 2018 at 19:21, DHAVAL JAISWAL <[email protected]> wrote: > > Looking for open source. > > > > On Wed, May 9, 2018 at 11:10 PM, Mark Lakes <[email protected]> > > wrote: > >> > >> For commercial purposes, see Signal Sciences Next Gen WAF solution: > >> https://www.signalsciences.com/waf-web-application-firewall/ > >> > >> > >> > >> Mark Lakes > >> Sr Software Engineer > >> (555) 555-5555 > >> Winner: InfoWorld Technology of the Year 2018 > >> > >> > >> On Wed, May 9, 2018 at 2:23 AM, DHAVAL JAISWAL <[email protected]> > wrote: > >>> > >>> I am looking for WAF solution with HA Proxy. > >>> > >>> One which I come to know is with HA Proxy version 1.8.8 + mode > security. > >>> However, I feel its still on early stage. > >>> > >>> Any other recommendation for WAF with HA Proxy. > >>> > >>> > >>> -- > >>> Thanks & Regards > >>> Dhaval Jaiswal > >> > >> > > > > > > > > -- > > Thanks & Regards > > Dhaval Jaiswal > -- Thanks & Regards Dhaval Jaiswal
