WAF and DDoS/Bot prevention engine

Saleen Dickson

Backend Engineer

Google ML Engine

Google ML Engine

Basic rules
SecRule VARIABLES OPERATOR [TRANSFORMATION_FUNCTIONS, ACTIONS]
Brute Force Attacks
# Block further login attempts after 3 failed attempts



# Initalize IP collection with user's IP address

SecAction "initcol:ip=%{REMOTE_ADDR},pass,nolog"



# Detect failed login attempts

SecRule RESPONSE_BODY "Unauthorized" "phase:4,pass,setvar:ip.failed_logins=+1,expirevar:ip.failed_logins=60"



# Block subsequent login attempts

SecRule IP:FAILED_LOGINS "@gt 2" deny
SQL Injection

SecDefaultAction "phase:2,log,auditlog,deny,status:403"

SecRule ARGS "(select|create|rename|truncate|load|alter|delete|update|insert|desc)\s*" "t:lowercase,msg:'SQL Injection'"
Like this project

Posted May 21, 2023

Increased accuracy of WAF and DDoS/Bot prevention engine by 82% through integrating AI and ML models.

Likes

0

Views

8

Clients

HeyTrade

Tags

Backend Engineer

Google ML Engine

Google ML Engine

Saleen Dickson

Expert Backend, Frontend, & Software Eng.

Spearheaded design and development of a high-performance network
Spearheaded design and development of a high-performance network
User-friendly websites
User-friendly websites

Join 50k+ companies and 1M+ independents

Contra Logo

© 2025 Contra.Work Inc