We just raised a $30M Series A: Read our story

Cloudflare Web Application Firewall Room for Improvement

SA
Principal Architect at a mining and metals company with 10,001+ employees

There is really only one area of the product that I think needs to be improved. That is that Cloudflare should update the version of the ModSecurity core rule set that they run on. They run a pretty old version of ModSecurity from 2013 and they need to update it. That is one thing I would very much like to see in a future release.  

The main issue that we have is really a decision about how the product fits our model. We use both AWS and Azure, and they have similar products. We are trying to determine whether or not we go for a cloud-native solution per the cloud provider we are using or stick with our current model and continue to use Cloudflare. Switching to AW or Azure as a lone solution means we would go with one or the other across all cloud providers to unify our WAF approach. It might simplify how we look at the maintenance of our web application firewall.  

View full review »
BW
Director of Platform and Information Security at a computer software company with 1-10 employees

Their documentation could be better. They don't have documentation that explains everything well. They have documentation for everything you're looking for, but they lack a single piece of documentation to tie everything together. As a new user or beginner, it took us a little bit of time to figure out how to put all these things in place. I wish they had easier introduction documents written to help us transition into it. It takes a little bit of effort for a new user to figure out how to do this.

I have asked them for some additional features. I want to be able to quickly find out the rules that I have modified because there are thousands of rules. It took a little bit of effort to figure out which rules I have modified. A feature like that will make it easier for me to track down the changes.

View full review »
MC
Chief Information Officer at a computer software company with 11-50 employees

I can't recall dealing with features that were not sufficient. It's very good.

It would be ideal if the solution offered better log integration and more integration with different platforms.

View full review »
Find out what your peers are saying about Cloudflare, Microsoft, Amazon and others in Web Application Firewall (WAF). Updated: November 2021.
554,529 professionals have used our research since 2012.