Wafris

62 posts


@wafrisorg

Wafris is the open-source Web Application Firewall that works with your web framework to protect your sites from dark traffic, intrusions, and attacks.

Your Web Framework · Joined October 2022
3 Following · 239 Followers
Wafris retweeted
Ryan Castillo @rmcastil ·
Looking for someone to pair on Caddy and Golang for our v2 Wafris client. Got any recommendations? Would be paid of course.
Wafris retweeted
Ryan Castillo @rmcastil ·
The @wafrisorg and honeybadgerapp teams will be hosting an online workshop tomorrow at 1PM EDT. Come learn about monitoring and security practices from Ben and Mike. I'll be hosting, so send me any questions/topics you want us to cover. (🔗 in the replies)
Wafris retweeted
@honeybadger.io @honeybadgerapp ·
Save the date! 📅 One week from today, we're hosting an online workshop with our friends from @wafrisorg called "Error 'N Incidents." This is a great opportunity to learn some monitoring best practices from our co-founder, Ben Curtis (@stympy). (🔗 in replies)
Wafris retweeted
Michael Buckbee @mbuckbee ·
I'm hosting a free online workshop, "The Art of Web Defense," this Thursday at 11 a.m. ET. This is _wholly_ focused on practical security considerations and is built around the real-world attacks that I've helped stop. Please sign up: crowdcast.io/c/pwsw?utm_cam…
Wafris @wafrisorg ·
❓ Closing Question: What's the most interesting or unusual attack you've seen in your logs? We're trying to highlight more from the community. Thanks!
Wafris @wafrisorg ·
🌟 Contributor of the Week: We're recognizing Mathias Hansen from @Geocodio for his swift work on a Wafris client in PHP. See his work at github.com/mathias-hansen
Wafris @wafrisorg ·
🚀 This week's Update: We've heard your feedback. More automation features are on the way in Wafris. Stay tuned. 🤖
Wafris @wafrisorg ·
This week in Wafris: massive memory improvements, a guide to helping developers level up their security expertise, updated clients, and how to tell if Googlebot is lying to you. Check it out at: wafris.org/blog/update-ma…
Wafris retweeted
Jess Brown @bjessbrown ·
Guess what happens if you process an external api request in a sidekiq job and the api hangs and doesn't return a result? Your sidekiq job will VERY patiently wait and wait and if you have more of these jobs, eventually your queue will be full of hung jobs. You'd think...
Wafris @wafrisorg ·
Seems like a good time to announce publicly that we're going to have our Laravel client out very soon (we're still looking for some more beta testers) and are working on a Pulse card for it.
Taylor Otwell @taylorotwell

Introducing Laravel Pulse. 💓 Pulse delivers at-a-glance insights into your production application's performance and usage. Track down slow jobs and endpoints, find your most active users, and more. Next week on GitHub. A gift from Laravel to you. pulse.laravel.com

Wafris @wafrisorg ·
It’s essential to recognize that bots going directly for the jugular aren’t playing around but exhibiting direct hostile intent. Here, the second screenshot shows where a single bot (proxied through the US, UK, and Latvia) is ripping through 27 exploits in 3 seconds. 3/3
Wafris @wafrisorg ·
- Determining if a particular asset management software is installed
- Exfiltrating data by UNION command if the injection works

These will fail if you’re using Rails, Spring, Express, or some other framework. 2/3
Wafris @wafrisorg ·
➡ “Dumb” requests by bots in your logs are, in actuality, hyper-efficient. Most are both a probe and an exploit rolled into one. Here’s an example (screenshot) of individual requests that:
- Extract the version from Transact SQL

1/3
Wafris @wafrisorg ·
⏱️ 96 requests in less than a minute, intentionally slowing down to avoid rate limiting. 🛠️ Towards the end, it started providing custom path names based on the site name.
Wafris @wafrisorg ·
🤖 Bots are learning too quickly. They now scrape for domains, names, and emails to enhance their probing abilities. Here's a screenshot (from our dashboard) of a 🇨🇳 Chinese bot (based on path requests) making proxied requests through a 🇹🇷 Turkish IP. 1/2