[mod-security-users] Deployment Options

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Good morning all,

Seeking advice on deploying a Web Application Firewall.

I'm pretty familiar with WAFs and what they will do but stuck on an ideal deployment structure.

Lets say there are 20 websites sitting behind a reverse proxy.
My idea would be to have:

  1.  Request hits proxy
  2.  Checks to see if it has been WAF'ed or not
  3.  Sends to WAF
  4.  If approved goes back to be proxied to correct backend

Now, would it be okay to have 20 sites sent through a single WAF or should each site be configured for its own?

I am looking to use OWASP ModSecurity for the WAF ruleset but not familiar with its scalability yet.

Hoping someone else has already gone down this path and could shed some light on it.

B. Kyle Parrish