WAF to protect against MOVEit SQLi Zero-Day (CVE-2023-34362)

Hi all,

We have a MOVEit DMZ server running, which was recently under attack by the CL0P Ransomware Group.
They abused the MOVEit SQLi Zero-Day (CVE-2023-34362), which our firewall did not stop.
https://www.akamai.com/blog/security-research/moveit-sqli-zero-day-exploit-clop-ransomware

Since this server is public facing, the solution of a WAF came to the table. I understand a WAF could have prevented this particular attack, so now I’m trying to judge which Cloudflare WAF solution I would need. There is currently a debate ongoing whether we need the pro, business or enterprise solution. The price difference between pro/business and enterprise is huge.

Can anybody tell me what would justify spending the amounts of enterprise?

Some statistics about the server:

  • Data movement is about 2 TB / month
  • Max concurrent users is 50
  • It’s an important server, but not mission critical; if it’s down for an hour, we will survive it
  • It does not require a load balancer

So since we want at least some level of support and uptime, the choice will probably be business or enterprise.
Any recommendations or experience?

Thanks
