Abstract: A web application firewall may be configured to receiving incoming traffic from client devices with requests for an application hosted on a server. The incoming traffic may be processed using a first filter that is configured to apply rules that identify suspicious traffic in the incoming traffic. The suspicious traffic from the first filter may be passed to second filter(s), and at least a portion of the incoming traffic that is not identified as suspicious traffic may be passed to the application. The suspicious traffic may then be processed using the second filter(s), which may be configured to perform a full filtering process on the suspicious traffic to identify traffic that may be allowed to reach the application, and traffic that should be prevented from reaching the application.

Abstract: A web application firewall may be configured to receiving incoming traffic from client devices with requests for an application hosted on a server. The incoming traffic may be processed using a first filter that is configured to apply rules that identify suspicious traffic in the incoming traffic. The suspicious traffic from the first filter may be passed to second filter(s), and at least a portion of the incoming traffic that is not identified as suspicious traffic may be passed to the application. The suspicious traffic may then be processed using the second filter(s), which may be configured to perform a full filtering process on the suspicious traffic to identify traffic that may be allowed to reach the application, and traffic that should be prevented from reaching the application.

Abstract: A CDN may include a plurality of PoPs that are geographically distributed, a plurality of edge servers that are distributed among the PoPs storing content and responding to content requests, and an edge server in the plurality of edge servers. The edge server may be configured to receive, from a client device, a request for content. The request for content may include an IP address associated with the client device, and a URL comprising a first code. The edge server may also be configured to generate a second code using the IP address received from the client device, determine whether the first code matches the second code, retrieve content in the CDN that is responsive to the request for content if the first code matches the second code, and send the content to the client device if the first code matches the second code.