summaryrefslogtreecommitdiff
path: root/doc/topics/web_application_firewall/index.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/topics/web_application_firewall/index.md')
-rw-r--r--doc/topics/web_application_firewall/index.md25
1 files changed, 10 insertions, 15 deletions
diff --git a/doc/topics/web_application_firewall/index.md b/doc/topics/web_application_firewall/index.md
index 5ce7c0779bb..83b3bfb1cef 100644
--- a/doc/topics/web_application_firewall/index.md
+++ b/doc/topics/web_application_firewall/index.md
@@ -1,5 +1,5 @@
---
-stage: Defend
+stage: Protect
group: Container Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
---
@@ -15,19 +15,14 @@ much more.
## Overview
-GitLab provides a WAF out of the box after Ingress is deployed.
-All you need to do is deploy your application along with a service
-and Ingress resource.
+GitLab provides a WAF out of the box after Ingress is deployed. All you need to do is deploy your
+application along with a service and Ingress resource. In GitLab's [Ingress](../../user/clusters/applications.md#ingress)
+deployment, the [ModSecurity](https://modsecurity.org/)
+module is loaded into Ingress-NGINX by default and monitors the traffic going to the applications
+which have an Ingress. The ModSecurity module runs with the [OWASP Core Rule Set (CRS)](https://coreruleset.org/)
+by default. The OWASP CRS detects and logs a wide range of common attacks.
-In GitLab's [Ingress](../../user/clusters/applications.md#ingress) deployment, the [ModSecurity](https://modsecurity.org/) module is loaded
-into Ingress-NGINX by default and monitors the traffic going to the
-applications which have an Ingress.
-
-The ModSecurity module runs with the [OWASP Core Rule Set (CRS)](https://coreruleset.org/) by default. The OWASP CRS will detect and log a wide range of common attacks.
-
-NOTE: **Note:**
-The WAF is deployed in "Detection-only mode" by default and will only log attack
-attempts.
+By default, the WAF is deployed in Detection-only mode and only logs attack attempts.
## Requirements
@@ -98,5 +93,5 @@ It is good to have a basic knowledge of the following:
## Roadmap
-More information on the direction of the WAF can be
-found in [Product Vision - Defend](https://about.gitlab.com/direction/defend/#waf)
+You can find more information on the product direction of the WAF in
+[Category Direction - Web Application Firewall](https://about.gitlab.com/direction/protect/web_application_firewall/).
View Lorry Controller Status