Well yeah you only need a WAF if your web application or server is insecure in some way but you also have to look at the extra benefit it holds what is if you are using Public web based app's such as Drupal, Wordpress, Joomla, ClipBucket any kind of content management system because they are open source when security exploits are found or arise it does help block and slow down hackers until fixes or updates are made.
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,254701,254705#msg-254705 _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
