Cloudflare Web Application Firewall Room for Improvement

Principal Architect at a mining and metals company with 10,001+ employees
There is really only one area of the product that I think needs to be improved. That is that Cloudflare should update the version of the ModSecurity core rule set that they run on. They run a pretty old version of ModSecurity from 2013 and they need to update it. That is one thing I would very much like to see in a future release. The main issue that we have is really a decision about how the product fits our model. We use both AWS and Azure, and they have similar products. We are trying to determine whether or not we go for a cloud-native solution per the cloud provider we are using or stick with our current model and continue to use Cloudflare. Switching to AW or Azure as a lone solution means we would go with one or the other across all cloud providers to unify our WAF approach. It might simplify how we look at the maintenance of our web application firewall. View full review »
Find out what your peers are saying about Cloudflare, Microsoft, Indusface and others in Web Application Firewall (WAF). Updated: October 2020.
442,845 professionals have used our research since 2012.