================================
Web Application Firewall (WAF)
================================

Introduction
------------

A Web Application Firewall (WAF) stops most attacks before they can reach your backend at all, by blocking malicious payloads before they are executed. However, a WAF can only do this if it is configured to; the protection it provides is entirely determined by its rules.

.. image:: https://i.imgur.com/AcG8r2l.png

Implementation
--------------

Because I use Cloudflare as my domain proxy platform, I also have its security suite at my disposal (this is included in the free plan). To annex this learning goal, I will demonstrate what the web application firewall on this platform can provide for my APIs. (Note: this is an example.)

.. image:: https://i.imgur.com/cR5kNzq.png

The Cloudflare plan allows two rules to be created within its WAF platform. The first rule I created is a whitelist, allowing all clients from Europe, the USA and the UK to access the API.

.. image:: https://i.imgur.com/81rX6m0.png

My second rule blocks all clients from Russia, Asia, South America, Africa and Oceania.

Why Europe? The project has to be hosted in Europe, as its use case is to meet the demands of the learning goals of the sixth Software Engineering semester at the Fontys Hogescholen.

Why the USA? Many cloud platforms run in the USA; the same reason applies to the UK.

Why block the others? Enabling this reduces the amount of noise generated by scanners, bots and script kiddies by a wide margin. There is no use case in which this application is used in those regions.
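Since the protection depends entirely on the rules, it pays to check what the two geo rules above actually decide before relying on them. The following Python script is an added example for this page; it is not Cloudflare's code and not part of the project. It models rule 1 (whitelist) and rule 2 (blocklist) as predicates over a request's country and continent codes, evaluates them in order, and runs a set of constructed sample requests through both possible orderings. The first-match-wins semantics, the two-letter continent codes, the placement of Russia in the ``EU`` continent (as many GeoIP databases do) and the sample requests are assumptions of the example, not facts taken from the page or from Cloudflare.

```python
# Added example: offline model of the two geo rules described above.
# Not Cloudflare's code; rule ordering semantics and the geo data used
# here are assumptions made for illustration.
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

# Two-letter continent codes as used by common GeoIP databases
# (EU, AS, NA, SA, AF, OC, AN); country codes are ISO 3166-1 alpha-2.
ALLOWED_CONTINENTS = {"EU"}
ALLOWED_COUNTRIES = {"US", "GB"}               # USA and UK from rule 1
BLOCKED_COUNTRIES = {"RU"}                     # Russia from rule 2
BLOCKED_CONTINENTS = {"AS", "SA", "AF", "OC"}  # Asia, S. America, Africa, Oceania


@dataclass(frozen=True)
class Request:
    country: Optional[str]    # None when geolocation is unavailable
    continent: Optional[str]
    path: str = "/api"


def allow_rule(req: Request) -> bool:
    """Rule 1 (whitelist): clients from Europe, the USA and the UK."""
    return req.continent in ALLOWED_CONTINENTS or req.country in ALLOWED_COUNTRIES


def block_rule(req: Request) -> bool:
    """Rule 2 (blocklist): Russia, Asia, South America, Africa and Oceania."""
    return req.country in BLOCKED_COUNTRIES or req.continent in BLOCKED_CONTINENTS


# (name, predicate, action); the list order is the evaluation order.
Rule = Tuple[str, Callable[[Request], bool], str]

RULES_ALLOW_FIRST: List[Rule] = [
    ("allow-eu-us-uk", allow_rule, "allow"),
    ("block-other-regions", block_rule, "block"),
]
RULES_BLOCK_FIRST: List[Rule] = [RULES_ALLOW_FIRST[1], RULES_ALLOW_FIRST[0]]


def evaluate(req: Request, rules: List[Rule],
             default: str = "pass") -> Tuple[str, Optional[str]]:
    """Walk the rules in order; the first matching rule decides.

    Assumed semantics: allow and block are terminating actions, as in most
    WAFs. A request that matches no rule gets `default`, which is what
    reaches the origin when the policy consists of a block-list only.
    """
    for name, predicate, action in rules:
        if predicate(req):
            return action, name
    return default, None


# Constructed sample traffic, not captured requests.
SAMPLE_REQUESTS: Dict[str, Request] = {
    "nl": Request("NL", "EU"),
    "us": Request("US", "NA"),
    "gb": Request("GB", "EU"),
    "br": Request("BR", "SA"),
    "ru": Request("RU", "EU"),      # many GeoIP databases file Russia under EU
    "unknown": Request(None, None),  # geolocation failed (e.g. unmapped range)
}


def audit(rules: List[Rule], default: str = "pass") -> Dict[str, str]:
    """Decision per sample request for a given rule ordering."""
    return {label: evaluate(req, rules, default)[0]
            for label, req in SAMPLE_REQUESTS.items()}


if __name__ == "__main__":
    for title, rules in (("allow rule first", RULES_ALLOW_FIRST),
                         ("block rule first", RULES_BLOCK_FIRST)):
        print(f"{title}: {audit(rules)}")
    # With only these two rules, an unlocated client matches neither and
    # falls through; a strict allow-list would make the fall-through a block.
    print("unknown client, allow-list default:",
          audit(RULES_ALLOW_FIRST, default="block")["unknown"])
```

Two things the run makes visible that the rule screenshots do not: a client whose GeoIP record places it in Europe but in Russia is allowed when the whitelist rule is evaluated first and blocked when the block rule comes first, so the order in which the two rules are listed is part of the policy; and a client with no geolocation data matches neither rule, so the fall-through action (pass versus block) decides whether the policy is really a whitelist.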