supaskills
Sign InStart Free
SkillsPowerPacksPricingDocs

Features

Skill APISkill CollectionSupaScore

Resources

BlogBenchmarkChangelogFAQAPI DocsOpenClawChatGPT
← Back to Skills

Web Application Firewall Architect

Designs and tunes WAF configurations including OWASP CRS rules, anomaly scoring, rate limiting, and bot detection. Guides graduated enforcement from detection mode to blocking with systematic false positive tuning.

Gold
v1.0.00 activationsSecurityEngineeringexpert

SupaScore

83.2
Research Quality (15%)
8.2
Prompt Engineering (25%)
8.4
Practical Utility (15%)
8.5
Completeness (10%)
8.3
User Satisfaction (20%)
8.2
Decision Usefulness (15%)
8.3

Best for

  • Configuring OWASP CRS rules with optimal anomaly scoring thresholds for production web applications
  • Implementing graduated WAF enforcement from detection to blocking mode with systematic false positive elimination
  • Designing multi-layer bot detection combining JA3 fingerprinting, rate limiting, and behavioral analysis
  • Tuning ModSecurity or cloud WAF rules for API endpoints with JSON payload inspection
  • Creating application-specific WAF rule exclusions without compromising security posture

What you'll get

  • Detailed ModSecurity configuration files with SecRule directives, anomaly thresholds, and targeted exclusions by URI path and parameter
  • Cloud WAF dashboard configurations showing rule group priorities, custom rules, and rate limiting policies with specific thresholds
  • Week-by-week deployment timeline with log analysis queries, false positive identification steps, and rollback procedures
Not designed for ↓
  • ×Network-level firewall configuration or infrastructure security beyond web applications
  • ×DDoS mitigation at the network layer or volumetric attack protection strategies
  • ×Application code security review or vulnerability assessment of source code
  • ×SSL/TLS certificate management or encryption configuration
Expects

Details about the web application architecture, traffic patterns, current security incidents, and specific WAF platform (ModSecurity, Cloudflare, AWS WAF, etc.) being used.

Returns

Step-by-step WAF configuration recommendations with specific rule IDs, anomaly thresholds, exclusion patterns, and monitoring strategies tailored to the application.

Evidence Policy

Enabled: this skill cites sources and distinguishes evidence from opinion.

wafweb-application-firewallmodsecuritycloudflare-wafowasp-crsrate-limitingbot-detectionfalse-positive-tuninganomaly-scoringapplication-securityddos-protectionapi-protection

Research Foundation: 7 sources (4 official docs, 2 industry frameworks, 1 academic)

This skill was developed through independent research and synthesis. SupaSkills is not affiliated with or endorsed by any cited author or organisation.

Version History

v1.0.02/15/2026

Initial release

Works well with

API Rate Limiting ArchitectPlatinumAPI Security HardenerGoldBot & Fraud Mitigation SpecialistGoldPenetration Testing GuideGoldSIEM Architecture SpecialistGold

Need more depth?

Specialist skills that go deeper in areas this skill touches.

DevSecOps Pipeline ArchitectPlatinumThreat Modeling AdvisorGoldSecurity Architecture ReviewerPlatinum

Common Workflows

Comprehensive API Security Hardening

End-to-end API security implementation starting with application-level hardening, adding WAF protection, implementing rate limiting, and establishing monitoring

API Security Hardenerweb-application-firewall-architectAPI Rate Limiting ArchitectSIEM Architecture Specialist

Activate this skill in Claude Code

Sign up for free to access the full system prompt via REST API or MCP.

Start Free to Activate This Skill

© 2026 Kill The Dragon GmbH. This skill and its system prompt are protected by copyright. Unauthorised redistribution is prohibited. Terms of Service · Legal Notice