Dan Milne
2025-11-08 10:37:21 +11:00
parent 900e1534b6
commit a0bb0d510a

@@ -3,51 +3,53 @@
## Product Positioning
Tagline options:
"Baffle bots. Calm traffic." (playing on both meanings: confuse + quiet)
"Confuse bots. Calm infrastructure."
"Bewilder bots, silence the chaos"
* "Baffle bots. Calm traffic." (playing on both meanings: confuse + quiet)
* "Confuse bots. Calm infrastructure."
* "Bewilder bots, silence the chaos"
## Target market:
Solo devs/bootstrapped startups (can't afford $249/mo Wafris/Cloudflare)
Privacy-conscious/regulated orgs (data sovereignty requirements)
Self-hosters (infrastructure control enthusiasts)
* Solo devs/bootstrapped startups (can't afford $249/mo Wafris/Cloudflare)
* Privacy-conscious/regulated orgs (data sovereignty requirements)
* Self-hosters (infrastructure control enthusiasts)
Cost-sensitive scale-ups (outgrowing free tiers)
## Business Model (Sidekiq-style)
Free (fully functional):
### Free (fully functional):
Ruby/Rack edge agent (2-5ms response time)
Local SQLite rules
IP blocking, rate limiting, geoblocking
Manual rule management
Community support
* Ruby/Rack edge agent (2-5ms response time)
* Local SQLite rules
* IP blocking, rate limiting, geoblocking
* Manual rule management
* Community support
Pro ($99-149/mo):
### Pro ($99-149/mo):
Go edge agent (performance upgrade)
SSO / multi-team
Centralized hub with traffic analytics
Automated rule generation
Adaptive sampling (manual 0-100% toggle for hub load management)
IP reputation feeds
Priority support
* Go edge agent (performance upgrade)
* SSO / multi-team
* Centralized hub with traffic analytics
* Automated rule generation
* Adaptive sampling (manual 0-100% toggle for hub load management)
* IP reputation feeds
* Priority support
## Key Technical Decisions
Traffic categories:
Blocked - Matched deny rule
Allowed - Matched allow rule (fast-path for whitelisted IPs/APIs)
Unmatched - No rules, passed through
* Blocked - Matched deny rule
* Allowed - Matched allow rule (fast-path for whitelisted IPs/APIs)
* Unmatched - No rules, passed through
## OWASP approach:
Don't try to compete with ModSecurity's full CRS
Focus on network-layer threats (bots, rate limiting, IP reputation)
Map to OWASP Top 10 where applicable (A05, A07, partial A01/A03)
Position as complementary to app-layer security
* Don't try to compete with ModSecurity's full CRS
* Focus on network-layer threats (bots, rate limiting, IP reputation)
* Map to OWASP Top 10 where applicable (A05, A07, partial A01/A03)
* Position as complementary to app-layer security
## Killer Feature: Performance Visibility
### Killer Feature: Performance Visibility
Always-on category timing:
Track latency by rule type (IP checks, rate limits, regex, etc.)
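Review bot: In the Target market list, "Cost-sensitive scale-ups (outgrowing free tiers)" appears only once and without a `*`, so it looks like the bullet conversion missed it and it will not render as a list item alongside the other three; suggest `* Cost-sensitive scale-ups (outgrowing free tiers)`. The heading levels are also uneven after this change: "Free", "Pro" and "Killer Feature: Performance Visibility" move to `###`, but "## Target market:" and "## OWASP approach:" stay at `##` with trailing colons, and "Traffic categories:" under "## Key Technical Decisions" has no heading marker at all. If "OWASP approach" and "Traffic categories" are meant to be subsections of Key Technical Decisions, make them `###` like the Killer Feature heading. Separately, the line "Map to OWASP Top 10 where applicable (A05, A07, partial A01/A03)" does not say which edition of the Top 10 it refers to, and the category numbers mean different things across editions; name the edition and spell out the category titles so the claimed coverage can be checked.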