/plushcap/analysis/cloudflare/keeping-drupal-sites-safe-with-cloudflares-waf

Keeping Drupal sites safe with Cloudflare's WAF

What's this blog post about?

Cloudflare's security analyst team has successfully protected users against a major vulnerability in Drupal CMS, known as Drupalgeddon 2. The company implemented a Web Application Firewall (WAF) rule that identified and blocked malicious requests exploiting the critical remote code execution Drupal exploit. Since adding protection with WAF rule ID D0003 on April 13th, more than 500,000 potential attacks have been blocked. The most common attack attempts involve injecting a renderable array in POST requests to exploit the 'mail' field. Cloudflare continues to block over 56,000 potential attacks per day.

Company
Cloudflare

Date published
April 20, 2018

Author(s)
Maitane Zotes

Word count
399

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.