[lopsa-tech] Cloudflare vs AWS WAF
(too old to reply)
Morgan Blackthorne
2018-07-16 02:51:06 UTC
I host several sites (Wordpress, primarily) on a set of EC2 instances. The
sites are behind Cloudflare, which goes to an ELB behind the scenes. I'm
wondering how good the security filtering Cloudflare provides is, and if I
should put WAF in between Cloudflare and the ELB. Wordpress is a definite
hacking target for script kiddies due to its popularity, so I'm leaning
towards using WAF to cover my bases, but I wanted to get some feedback here
to see if it would be redundant and just decrease performance. I will note
that I only have one customer doing any selling on his site, and that's via
a PayPal integration, so I don't have to confirm to PCI-DSS levels of
security, just industry best practices.

This list provided by the League of Professional System Administrators
You received this message because you are subscribed to the Google Groups "LOPSA Tech Discussion list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tech+***@lopsa.org.
To post to this group, send email to ***@lopsa.org.
To view this discussion on the web visit https://groups.google.com/a/lopsa.org/d/msgid/tech/CACYCm5BkJUzFieiTny%3D2Ap4m4aAOBd7mZDt6CRaOVk8iVV9V1g%40mail.gmail.com.
Continue reading on narkive: