Hello everyone,
i’m considering to (if necessary?) enhance the security of frappe_docker.
To do it, i want to take a start at the entrypoint, traefik. The first attempt here is to find a WAF that could prevent some easy attacks.
Because i’m not experienced with traefik, i did a quick research and found solutions, like OWASP Coraza web application firewall.
I’m sure this topic is (and will be) interesting for others.
So there are a few question, i did not figure out now. If somebody has experience with it, it would be a good thing if there will be here some answers.
-
Is a WAF necessary/helpful for frappe_docker, how you would rate it?
-
Are there already implementaions in frappe_docker to prevent attack attemps, regarding owasp?
-
Do you use or are experienced with Coraza or another WAF for traefik?
-
If you use a WAF but not with traefik, which webserver application you use and how you implemented it?
I will try to figure it out in the next time.
If somebody already will have a answer to one of these questions, it would be helpful.