Web Application Firewall (WAF)

A web application firewall (WAF) is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service. For more info, see Wikipedia.

Maricopa is currently using CloudFlare as our WAF.

It is configured with about 11 instances of this tool under the “Maricopa Colleges” umbrella. One for each major domain (maricopa.edu, scottsdalecc.edu, estrellamaountain.edu, etc.). Each instance is managed by the entity that owns that domain. For example, www.maricopa.edu is managed by the Cyber Security team here at the District Office, whereas www.glendale.edu is managed by the Glendale IT department.

Rules

Cloudflare Rules allows you to make adjustments to requests and responses, configure Cloudflare settings, and trigger specific actions for matching requests.

The ITS Web team and Marketing worked with ITS CyberSecurity to create and test a ‘base set’ of rules that lets Drupal work as it should. These ‘rule sets’ were then shared with each college to implement on their own instance of CloudFlare.

The purpose of documenting this is to help college editors/admins understand that there is not a single set of rules for Maricopa, but many 'similar' sets in place. A WAF issue in one domain most likely exists only for that one domain. There are no ‘global’ fixes. District ITS strongly encourages sharing issues and solutions via Slack or other channels so that if a different college comes across the same issue, the respective IT department can try to replicate the solution.