Hello! I run a Joomla site and I went to one of the famous commercial sites that deal with vulnerabilities. They have a free security audit for malware. I ran it on my site, and I got a reply that "Host is not alive". I have Admin Tools WAF turned ON. They recommend shutting it down temporarily, so their scanner can check everything. But to me that doesn't make any sense, because, in my opinion, if their scanner couldn't get through, it means that the site passed the audit fine.
No, what you're saying is, if I cannot get into your house through the front door, then you must not need a security system. Not like I can break a window or get through the back door, right? There's more than one way to break into your site. You should also understand what WAF does, because I don't think you do. WAF is designed to stop most common hackers from sniffing information they can use from your site/server to aid them in cracking your site/server. In this case the commercial site can't search your site for malware. But in the real world, hackers don't need to sniff your site to crack it. And who's to say a good hacker won't crack WAF?
So what you're saying is that WAF is useless if a hacker can crack it? And if you say that in the real world a hacker doesn't need to sniff, then why would people install WAF in the first place?
NO, it is not useless, but it makes it harder for a hacker to get into your site. Which can do two things: Result #1: deter the hacker from trying and essentially give up. OR Result #2: make the hacker have to work harder. Sniffing/fingerprinting isn't needed, but it makes things easier. It's a tool in a cracker's toolkit.