Question: Should the compatible WAF engines page include vendors that package ModSecurity too? #94
Comments
|
Hi @NickMRamirez, That would be fine. What we currently have listed are the CRS-compatible engines and integrations that we ourselves use as CRS developers, or those of our sponsors/employers, or those of our users and collaborators, or those that approach us / make themselves known to us. I'm aware that HAProxy has WAF + CRS offerings, both commercial/proprietary and via an open source SPOA. You can see the kind of description lengths that we have under the "Commercial WAF Appliances" section, and you can see that they're impartial and not vendor advertisements/endorsements :) Would you like to work on a blurb to add on that page? Or shout if you'd like a hand and I can help as needed. |
|
Great! Yes, I'll work on a description and submit a merge request. Thank you for the quick response. |
… appliance vendor.
|
Thank you @RedXanadu, I have opened a pull request: #96 |
Issue #94: Adds 'HAProxy Technologies' as a commercial WAF appliance vendor
|
Resolved in #96. Thanks again @NickMRamirez! Closing issue. |
The ENGINE AND INTEGRATION OPTIONS page lists WAF engines that are compatible with the ModSecurity configuration language. Several of our products package a variant of ModSecurity, which we have customized for performance.
Is it appropriate to add our customized ModSecurity WAF module to this page?
Thank you,
Nick Ramirez
The text was updated successfully, but these errors were encountered: