NeuVector: Automating and Shifting Security Left in Kubernetes
WAF: Web Application Firewall
NeuVector provides a Web Application Firewall (WAF) feature that allows you to protect your applications against common web application attacks like SQL injection, cross-site scripting (XSS), and other OWASP Top 10 vulnerabilities.
You can also create Security Policy as Code for WAF rules, share it, and enforce it across all environments, including the running groups in your current environment. The idea is the same: using regular expressions to detect and block malicious requests. For example, if we want to block all requests that go to the /wp-login paths without sending a particular header, we can create a WAF rule to do so.
WAF Rule
You can also add the WAF rule to the WordPress group (nv.my-wordpress.wordpress) and configure it to Deny requests that match the rule.
Enable WAF Rule
You can test this using curl, but don't start by triggering the WAF rule; otherwise, you will be blocked from accessing the path /wp-login:
# This request should not be blocked
while true; do curl -ILkv -H "Pass: 123456" \End-to-End Kubernetes with Rancher, RKE2, K3s, Fleet, Longhorn, and NeuVector
The full journey from nothing to productionEnroll now to unlock all content and receive all future updates for free.