Cloudflare’s WAF is built to protect your Rackspace hosted website from malicious attack, such as SQL injection, cross-site scripting, and comment spam. Our WAF engine runs the OWASP ModSecurity Core Rule Set by default, making sure you’re protected against the OWASP Top 10 common vulnerabilities. In addition, the Cloudflare WAF intelligently learns from the 7 million websites on our network — from the smallest of web properties to enterprise behemoths.
We make it effortless to customize the WAF, and extend your protection even further. You can integrate industry-expert rulesets for individual applications, such as: WordPress, Magento, Atlassian, Flash, WHMCS, etc., import existing ModSecurity rule sets, or write your own custom rules.
Contact us to learn more about how Cloudflare can protect your Rackspace hosted website.
By leveraging Cloudflare’s vast network, our advanced DDoS protection detects and mitigates both network (OSI layers 3, 4) and application (layer 7) DDoS attacks, with zero downtime to your website.Learn more about DDoS Protection
Improve the speed and performance of your Rackspace hosted website via Cloudflare's next-generation CDN. Serve files closer to your visitors while delivering dynamic content from your web server.Learn more about CDN
Yes. Cloudflare's Web Application Firewall (WAF) detects changes in traffic and protects against application layer 7 DDoS attacks, such as POST floods and DNS-based attacks. In addition, implementation of the OWASP Modsecurity Core rule set protects users from the Top 10 vulnerabilities as defined from OWASP (Open Web Application Security Project).
No. Being a cloud-based service, Cloudflare’s WAF doesn’t require any additional hardware or software to run and install. Cloudflare’s WAF can be turned on in seconds, and customized to meet your website’s security needs. An attack against any web property on the Cloudflare network helps the entire Cloudflare community (over 7,000,000 web properties) learn from new attack vectors faster than anyone else.
Cloudflare packaged WAF rule sets are updated on a daily basis to protect your website from the most recently identified vulnerabilities.
Yes. Cloudflare’s dashboard makes it easy to implement WAF rules. There are three types of WAF rule implementations available: Custom WAF rule requests (write your own), Cloudflare packaged rule sets (on/off toggles), and OWASP ModSecurity Core packed rule sets (on/off toggles).
Custom WAF rule requests can be written and submitted in the dashboard; Cloudflare uses a variant of mod_security syntax to write our rule sets. Cloudflare packaged rule sets include rules to stop attacks commonly seen on Cloudflare's network and attacks against popular applications, such as: Atlassian, Drupal, Flash, Joomla, Magento, PHP, WHMCS, WordPress and more. OWASP ModSecurty core packaged rule sets provide protection against the top 10 common vulnerabilities identified by OWASP.
If you enable a new WAF rule set on your website or web application, you can expect it to take effect globally within 30 seconds.