Bubble Web Application Firewall – App Security

Hi community! I’m having this client, which is asking me if I have in place a WAF (Web Application Firewall), in order to protect the app on the higher layers (5-7) from attacks such HTTP Flood, Slowloris, and/or risk threats contained in OWASP Top 10. I already checked the forum and reviewed @josh “Security Q&A Guide" and found that Bubble already use a Network Firewall, however this is supposed to protect the app on mid layers (3-4) for IP, port, ACL.

Has anyone had to deal with this WAF matter before, or can you shed some light on how I should answer this properly regarding apps built on Bubble?

I’m getting this same question.

Did you manage to solve it?

Did you check Cloudflare? Maybe check out their products list or their dashboard as they offer a lot of security features you can just turn on. It would require you to move your DNS management to them but they are the best!