Keeping Drupal sites safe with Cloudflare's WAF
Cloudflare's security analyst team has successfully protected users against a major vulnerability in Drupal CMS, known as Drupalgeddon 2. The company implemented a Web Application Firewall (WAF) rule that identified and blocked malicious requests exploiting the critical remote code execution Drupal exploit. Since adding protection with WAF rule ID D0003 on April 13th, more than 500,000 potential attacks have been blocked. The most common attack attempts involve injecting a renderable array in POST requests to exploit the 'mail' field. Cloudflare continues to block over 56,000 potential attacks per day.
Company
Cloudflare
Date published
April 20, 2018
Author(s)
Maitane Zotes
Word count
399
Hacker News points
None found.
Language
English