@fox UAF isn't a WAF. It's just an interface for iptables, ie it functions on layer 3 and layer 4. I've never really had a problem with iptables.
I'm looking for a WAF (ie something that functions on layer 7). It serves a very different function.
@mhamzahkhan Oh right, my mistake! :)
@loweel I was using snort for a while, and I'm thinking of setting it up again along with modsecurity, but honestly I was hoping for something that's as little maintenance as possible as in the past whenever I've used snort or modsecurity, it's ended up requiring constant maintenance. It got a bit frustrating as It got in the way of all other tasks.
have you tried pulledpork with snort? It automates updates pretty well. I was using with FreeBSD, and I never had to spend so much time…
@loweel Yep I have. I think I'll just have to give it another shot, it's been a few years since I used it.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!