Engineering posts about Web Application Firewall
Curated summaries and key learnings for engineers working with Web Application Firewall.
Always-on detections: eliminating the WAF “log versus block” trade-off
The article presents a novel approach to web application security through the introduction of always-on detections that eliminate the traditional trade-off between logging and blocking malicious...
Introducing the 2026 Cloudflare Threat Report
The 2026 Cloudflare Threat Report outlines significant shifts in the cybersecurity landscape, emphasizing the transition from brute force attacks to high-trust exploitation strategies employed by...
Technical Deep Dive: How we Created a Security-hardened 1-Click Deploy OpenClaw
The article discusses the development of a security-hardened 1-Click Deploy solution for OpenClaw, an open-source AI assistant. It emphasizes the importance of secure communications through TLS, the...
React2Shell and related RSC vulnerabilities threat brief: early exploitation activity and threat actor techniques
The article discusses the React2Shell vulnerability (CVE-2025-55182), a critical Remote Code Execution (RCE) flaw affecting React Server Components (RSC). Following its disclosure, the Cloudforce One...
Cloudflare outage on December 5, 2025
On December 5, 2025, Cloudflare experienced a significant outage affecting a portion of its network due to a configuration change related to its Web Application Firewall (WAF). The incident, which...
Cloudflare WAF proactively protects against React vulnerability
Cloudflare has implemented new protective measures against a critical Remote Code Execution (RCE) vulnerability affecting React Server Components and related frameworks. This vulnerability,...