Y
Hacker News
new
|
ask
|
show
|
jobs
by
sebazzz
951 days ago
> While waiting for the patch, a WAF can quickly block all requests to the /setup endpoint.
So can IIS request filtering or whatever exists in Nagios. Right on the webserver.
2 comments
JoeSpaghettio
951 days ago
depends on the org. The appsec team, may not have access to the webserver in production atleast not quickly. But will have access to modify a WAF they own.
link
wiml
950 days ago
I suppose from that perspective WAFs exist simply because of Conway's law.
link
threeseed
951 days ago
Many applications these days don't have web servers in front of them.
link