This is an archive post from the Netsparker (now Invicti) blog. Please note that the content may not reflect current product names and features in the Invicti offering.
In the recent Netsparker Standard 5.5 November 2019 Update, we introduced several new WAF integrations in Netsparker Standard. Cloudflare Web Services WAF is one of those integrations.
Cloudflare Web Services Web Application Firewall examines HTTP requests that are sent to your website. Cloudflare is a type of reverse-proxy that means the WAF sits in front of your web servers and forwards client request to them. First, though, it applies rules that protect your web applications from attacks made possible by cross-site forgery, cross-site scripting (XSS), file inclusion, SQL injection and other vulnerabilities.
Generating Cloudflare WAF rules enables you to temporarily defer fixing detected vulnerabilities, yet protect vulnerable areas of your web application at the same time. Cloudflare WAF rules are generated from the Web Application Firewall tab in the Options dialog.
For further information, see Generating Cloudflare Web Application Firewall Rules From Netsparker. For further information on other WAFs available in Netsparker Standard, see Web Application Firewalls. For further information on other features in the latest release, see Netsparker Standard 5.5 – November 2019 Update.
Your Information will be kept private.