{"id":4872,"date":"2026-02-09T15:58:50","date_gmt":"2026-02-09T12:58:50","guid":{"rendered":"https:\/\/www.dchost.com\/blog\/origin-waf-modsecurity-vs-cdn-waf-kucuk-ve-orta-olcekli-siteler-icin-dogru-secim\/"},"modified":"2026-02-09T15:58:50","modified_gmt":"2026-02-09T12:58:50","slug":"origin-waf-modsecurity-vs-cdn-waf-kucuk-ve-orta-olcekli-siteler-icin-dogru-secim","status":"publish","type":"post","link":"https:\/\/www.dchost.com\/blog\/origin-waf-modsecurity-vs-cdn-waf-kucuk-ve-orta-olcekli-siteler-icin-dogru-secim\/","title":{"rendered":"Origin WAF (ModSecurity) vs CDN WAF: K\u00fc\u00e7\u00fck ve Orta \u00d6l\u00e7ekli Siteler \u0130\u00e7in Do\u011fru Se\u00e7im"},"content":{"rendered":"<div class=\"dchost-blog-content-wrapper\"><div id=\"toc_container\" class=\"toc_transparent no_bullets\"><p class=\"toc_title\">\u0130&ccedil;indekiler<\/p><ul class=\"toc_list\"><li><a href=\"#Origin_WAF_ve_CDN_WAF_Arasindaki_Farki_Dogru_Anlamak\"><span class=\"toc_number toc_depth_1\">1<\/span> Origin WAF ve CDN WAF Aras\u0131ndaki Fark\u0131 Do\u011fru Anlamak<\/a><\/li><li><a href=\"#Temel_Tanimlar_Origin_WAF_ModSecurity_ve_CDN_WAF_Nedir\"><span class=\"toc_number toc_depth_1\">2<\/span> Temel Tan\u0131mlar: Origin WAF (ModSecurity) ve CDN WAF Nedir?<\/a><\/li><li><a href=\"#Origin_WAF_ModSecurity_Kucuk_ve_Orta_Olcekli_Siteler_Icin_Artilar_ve_Eksiler\"><span class=\"toc_number toc_depth_1\">3<\/span> Origin WAF (ModSecurity): K\u00fc\u00e7\u00fck ve Orta \u00d6l\u00e7ekli Siteler \u0130\u00e7in Art\u0131lar ve Eksiler<\/a><ul><li><a href=\"#Origin_WAFin_Temel_Ozellikleri\"><span class=\"toc_number toc_depth_2\">3.1<\/span> Origin WAF\u2019in Temel \u00d6zellikleri<\/a><\/li><li><a href=\"#Origin_WAF_Avantajlari\"><span class=\"toc_number toc_depth_2\">3.2<\/span> Origin WAF Avantajlar\u0131<\/a><\/li><li><a href=\"#Origin_WAF_Dezavantajlari\"><span class=\"toc_number toc_depth_2\">3.3<\/span> Origin WAF Dezavantajlar\u0131<\/a><\/li><li><a href=\"#Gercekci_Senaryo_Tek_VPS_Uzerinde_WooCommerce\"><span class=\"toc_number toc_depth_2\">3.4<\/span> Ger\u00e7ek\u00e7i Senaryo: Tek VPS \u00dczerinde WooCommerce<\/a><\/li><\/ul><\/li><li><a href=\"#CDN_WAF_Edge_Katmaninda_Guvenlik_Performans_ve_DDoS_Korumasi\"><span class=\"toc_number toc_depth_1\">4<\/span> CDN WAF: Edge Katman\u0131nda G\u00fcvenlik, Performans ve DDoS Korumas\u0131<\/a><ul><li><a href=\"#CDN_WAF_Nasil_Calisir\"><span class=\"toc_number toc_depth_2\">4.1<\/span> CDN WAF Nas\u0131l \u00c7al\u0131\u015f\u0131r?<\/a><\/li><li><a href=\"#CDN_WAF_Avantajlari\"><span class=\"toc_number toc_depth_2\">4.2<\/span> CDN WAF Avantajlar\u0131<\/a><\/li><li><a href=\"#CDN_WAF_Dezavantajlari\"><span class=\"toc_number toc_depth_2\">4.3<\/span> CDN WAF Dezavantajlar\u0131<\/a><\/li><li><a href=\"#Gercekci_Senaryo_Cok_Trafikli_Icerik_Sitesi\"><span class=\"toc_number toc_depth_2\">4.4<\/span> Ger\u00e7ek\u00e7i Senaryo: \u00c7ok Trafikli \u0130\u00e7erik Sitesi<\/a><\/li><\/ul><\/li><li><a href=\"#Kucuk_ve_Orta_Olcekli_Siteler_Icin_Karar_Matrisi\"><span class=\"toc_number toc_depth_1\">5<\/span> K\u00fc\u00e7\u00fck ve Orta \u00d6l\u00e7ekli Siteler \u0130\u00e7in Karar Matrisi<\/a><ul><li><a href=\"#1_Trafik_Hacmi_ve_Dagilimi\"><span class=\"toc_number toc_depth_2\">5.1<\/span> 1. Trafik Hacmi ve Da\u011f\u0131l\u0131m\u0131<\/a><\/li><li><a href=\"#2_Tehdit_Modeli\"><span class=\"toc_number toc_depth_2\">5.2<\/span> 2. Tehdit Modeli<\/a><\/li><li><a href=\"#3_Teknik_Ekip_Kapasitesi\"><span class=\"toc_number toc_depth_2\">5.3<\/span> 3. Teknik Ekip Kapasitesi<\/a><\/li><li><a href=\"#4_Butce_ve_Maliyet-Getiri_Dengesi\"><span class=\"toc_number toc_depth_2\">5.4<\/span> 4. B\u00fct\u00e7e ve Maliyet-Getiri Dengesi<\/a><\/li><\/ul><\/li><li><a href=\"#Hibrit_Model_Origin_WAF_CDN_WAF_Birlikte_Nasil_Kullanilir\"><span class=\"toc_number toc_depth_1\">6<\/span> Hibrit Model: Origin WAF + CDN WAF Birlikte Nas\u0131l Kullan\u0131l\u0131r?<\/a><ul><li><a href=\"#Tipik_Hibrit_Akis\"><span class=\"toc_number toc_depth_2\">6.1<\/span> Tipik Hibrit Ak\u0131\u015f<\/a><\/li><li><a href=\"#Hibrit_Kullanirken_Dikkat_Etmeniz_Gerekenler\"><span class=\"toc_number toc_depth_2\">6.2<\/span> Hibrit Kullan\u0131rken Dikkat Etmeniz Gerekenler<\/a><\/li><\/ul><\/li><li><a href=\"#DCHost_Perspektifinden_Onerilen_Yol_Haritasi\"><span class=\"toc_number toc_depth_1\">7<\/span> DCHost Perspektifinden \u00d6nerilen Yol Haritas\u0131<\/a><ul><li><a href=\"#1_paylasimli_hosting_veya_Kucuk_VPS_Uzerindeki_Kurumsal_Site\"><span class=\"toc_number toc_depth_2\">7.1<\/span> 1. payla\u015f\u0131ml\u0131 hosting veya K\u00fc\u00e7\u00fck VPS \u00dczerindeki Kurumsal Site<\/a><\/li><li><a href=\"#2_Buyuyen_WooCommerce_Magazasi_veya_Orta_Olcekli_Icerik_Sitesi\"><span class=\"toc_number toc_depth_2\">7.2<\/span> 2. B\u00fcy\u00fcyen WooCommerce Ma\u011fazas\u0131 veya Orta \u00d6l\u00e7ekli \u0130\u00e7erik Sitesi<\/a><\/li><li><a href=\"#3_SaaS_API_ve_Ozel_Panel_Yogun_Projeler\"><span class=\"toc_number toc_depth_2\">7.3<\/span> 3. SaaS, API ve \u00d6zel Panel Yo\u011fun Projeler<\/a><\/li><\/ul><\/li><li><a href=\"#Sonuc_Hangi_Katmanla_Baslamali_Ne_Zaman_Digerine_Gecmelisiniz\"><span class=\"toc_number toc_depth_1\">8<\/span> Sonu\u00e7: Hangi Katmanla Ba\u015flamal\u0131, Ne Zaman Di\u011ferine Ge\u00e7melisiniz?<\/a><\/li><\/ul><\/div>\n<h2><span id=\"Origin_WAF_ve_CDN_WAF_Arasindaki_Farki_Dogru_Anlamak\">Origin WAF ve CDN WAF Aras\u0131ndaki Fark\u0131 Do\u011fru Anlamak<\/span><\/h2>\n<p>Bir noktadan sonra \u00e7o\u011fu m\u00fc\u015fteri bize ayn\u0131 soruyu soruyor: \u201cCDN taraf\u0131nda WAF a\u00e7t\u0131m, sunucuda ModSecurity\u2019ye ger\u00e7ekten ihtiyac\u0131m var m\u0131?\u201d veya tam tersi, \u201cSunucuda ModSecurity zaten \u00e7al\u0131\u015f\u0131yor, CDN WAF\u2019a para vermeye de\u011fer mi?\u201d K\u00fc\u00e7\u00fck ve orta \u00f6l\u00e7ekli sitelerde b\u00fct\u00e7e ve operasyon y\u00fck\u00fc s\u0131n\u0131rl\u0131 oldu\u011fu i\u00e7in bu sorunun cevab\u0131n\u0131 netle\u015ftirmek kritik. Gere\u011finden fazla katman kurdu\u011funuzda hem gereksiz karma\u015f\u0131kl\u0131k hem de yanl\u0131\u015f pozitif (ger\u00e7ek kullan\u0131c\u0131lar\u0131n engellenmesi) sorunlar\u0131yla u\u011fra\u015f\u0131yorsunuz. Az katman kurdu\u011funuzda ise tek bir zay\u0131f nokta t\u00fcm sitenizi a\u00e7\u0131\u011fa \u00e7\u0131karabiliyor.<\/p>\n<p>Bu yaz\u0131da DCHost ekibi olarak, <strong>origin WAF (ModSecurity)<\/strong> ile <strong>CDN WAF<\/strong>\u2019\u0131 pratik g\u00f6zle kar\u015f\u0131la\u015ft\u0131raca\u011f\u0131z. Avantajlar, dezavantajlar, performans etkisi, loglama, KVKK\/GDPR gibi uyumluluk konular\u0131n\u0131 k\u00fc\u00e7\u00fck ve orta \u00f6l\u00e7ekli projeler perspektifinden ele alaca\u011f\u0131z. Zaten WAF kavram\u0131na yabanc\u0131ysan\u0131z, \u00f6nce <a href=\"https:\/\/www.dchost.com\/blog\/web-uygulama-guvenlik-duvari-waf-nedir-cloudflare-waf-ve-modsecurity-ile-web-sitesi-koruma-rehberi\/\">Cloudflare WAF ve ModSecurity\u2019yi birlikte anlatt\u0131\u011f\u0131m\u0131z WAF rehberimize<\/a> g\u00f6z atman\u0131z\u0131; ard\u0131ndan bu yaz\u0131y\u0131 \u201changi katman bana uygun?\u201d sorusunu yan\u0131tlamak i\u00e7in okuman\u0131z\u0131 \u00f6neririz.<\/p>\n<h2><span id=\"Temel_Tanimlar_Origin_WAF_ModSecurity_ve_CDN_WAF_Nedir\">Temel Tan\u0131mlar: Origin WAF (ModSecurity) ve CDN WAF Nedir?<\/span><\/h2>\n<p>\u00d6nce ak\u0131\u015f\u0131 sadele\u015ftirelim. Taray\u0131c\u0131dan \u00e7\u0131kan bir HTTP iste\u011fi normalde \u015fu yolu izler:<\/p>\n<p><strong>Taray\u0131c\u0131 \u2192 DNS \u2192 (varsa CDN) \u2192 Web sunucusu (origin) \u2192 Uygulama (WordPress, Laravel, vb.)<\/strong><\/p>\n<p><strong>Origin WAF<\/strong>, do\u011frudan web sunucusunun \u00fczerinde \u00e7al\u0131\u015fan WAF katman\u0131d\u0131r. Apache, Nginx veya LiteSpeed \u00fczerinde <strong>ModSecurity<\/strong> mod\u00fcl\u00fcyle, genellikle <strong>OWASP Core Rule Set (CRS)<\/strong> kural seti kullan\u0131larak devreye al\u0131n\u0131r. T\u00fcm trafi\u011fi uygulamaya ula\u015fmadan milisaniyeler \u00f6nce filtreler.<\/p>\n<p><strong>CDN WAF<\/strong> ise, genellikle Cloudflare benzeri CDN sa\u011flay\u0131c\u0131lar\u0131n kenar (edge) sunucular\u0131nda \u00e7al\u0131\u015fan WAF\u2019t\u0131r. Ziyaret\u00e7iye en yak\u0131n noktada devreye girer, istek daha sizin sunucunuza gelmeden sald\u0131r\u0131lar\u0131 kesmeye odaklan\u0131r. \u00c7o\u011fu zaman DDoS ve bot korumas\u0131yla entegre \u00e7al\u0131\u015f\u0131r.<\/p>\n<p>Yani \u00f6zetle:<\/p>\n<ul>\n<li><strong>Origin WAF:<\/strong> Sunucunuzun \u00fczerinde, uygulamaya en yak\u0131n g\u00fcvenlik katman\u0131<\/li>\n<li><strong>CDN WAF:<\/strong> A\u011f\u0131n kenar\u0131nda, sunucunuza en uzak ama sald\u0131r\u0131ya en ilk kar\u015f\u0131l\u0131k veren katman<\/li>\n<\/ul>\n<h2><span id=\"Origin_WAF_ModSecurity_Kucuk_ve_Orta_Olcekli_Siteler_Icin_Artilar_ve_Eksiler\">Origin WAF (ModSecurity): K\u00fc\u00e7\u00fck ve Orta \u00d6l\u00e7ekli Siteler \u0130\u00e7in Art\u0131lar ve Eksiler<\/span><\/h2>\n<h3><span id=\"Origin_WAFin_Temel_Ozellikleri\">Origin WAF\u2019in Temel \u00d6zellikleri<\/span><\/h3>\n<p>Origin WAF\u2019\u0131, web sunucunuzun \u00f6n kap\u0131s\u0131na yerle\u015ftirilmi\u015f \u00e7ok detayl\u0131 bir g\u00fcvenlik filtresi gibi d\u00fc\u015f\u00fcnebilirsiniz. Apache veya Nginx \u00fczerinde \u00e7al\u0131\u015fan ModSecurity mod\u00fcl\u00fcyle:<\/p>\n<ul>\n<li>SQL injection, XSS, RCE gibi klasik web sald\u0131r\u0131lar\u0131n\u0131 imza ve davran\u0131\u015f bazl\u0131 tespit edebilirsiniz,<\/li>\n<li>Belirli URL desenlerine, parametrelere veya HTTP header\u2019lar\u0131na \u00f6zel kurallar yazabilirsiniz,<\/li>\n<li>Uygulaman\u0131n <em>ger\u00e7ek hata mesajlar\u0131n\u0131<\/em> ve <em>loglar\u0131n\u0131<\/em> g\u00f6rerek g\u00fcvenlik politikalar\u0131n\u0131 ince ayar yapabilirsiniz.<\/li>\n<\/ul>\n<p>ModSecurity kullan\u0131m\u0131yla ilgili detayl\u0131 teknik ipu\u00e7lar\u0131 isterseniz, <a href=\"https:\/\/www.dchost.com\/blog\/modsecurity-ve-owasp-crs-ile-wafi-uysallastirmak-yanlis-pozitifleri-nasil-ehlilestirir-performansi-ne-zaman-ucururuz\/\">ModSecurity ve OWASP CRS ile WAF\u2019\u0131 uysalla\u015ft\u0131rma rehberimizde<\/a> yanl\u0131\u015f pozitifleri azaltma ve performans ayarlar\u0131n\u0131 ad\u0131m ad\u0131m anlatt\u0131k.<\/p>\n<h3><span id=\"Origin_WAF_Avantajlari\">Origin WAF Avantajlar\u0131<\/span><\/h3>\n<ul>\n<li><strong>Uygulama katman\u0131na en yak\u0131n nokta:<\/strong> CDN devre d\u0131\u015f\u0131 kalsa, DNS hatas\u0131 ya\u015fansa bile, do\u011frudan IP ile eri\u015fen sald\u0131rganlara kar\u015f\u0131 hala koruma sa\u011flar.<\/li>\n<li><strong>Detayl\u0131 g\u00f6r\u00fcn\u00fcrl\u00fck:<\/strong> Sunucu loglar\u0131, uygulama loglar\u0131 ve WAF loglar\u0131 ayn\u0131 yerde birikir. Hangi iste\u011fin, hangi kural y\u00fcz\u00fcnden engellendi\u011fini u\u00e7tan uca izleyebilirsiniz.<\/li>\n<li><strong>\u0130\u00e7 servisler ve API\u2019ler i\u00e7in zorunlu:<\/strong> CDN \u00fczerinden ge\u00e7meyen dahili servisler, panel alt alan adlar\u0131, staging ortamlar\u0131 gibi noktalar\u0131 ancak origin WAF ile koruyabilirsiniz.<\/li>\n<li><strong>\u0130nce ayar imkan\u0131:<\/strong> Kendi uygulaman\u0131za \u00f6zel, \u00e7ok hassas kurallar yazabilirsiniz. \u00d6rne\u011fin sadece \u201c\/admin\u201d alt\u0131ndaki isteklerde belirli User-Agent\u2019leri engellemek gibi.<\/li>\n<li><strong>CDN ba\u011f\u0131ml\u0131l\u0131\u011f\u0131n\u0131 azalt\u0131r:<\/strong> CDN de\u011fi\u015ftirdi\u011finizde g\u00fcvenlik politikalar\u0131n\u0131z\u0131n \u00f6nemli k\u0131sm\u0131 ayn\u0131 kal\u0131r; sadece DNS y\u00f6nlendirmesi de\u011fi\u015fir.<\/li>\n<\/ul>\n<h3><span id=\"Origin_WAF_Dezavantajlari\">Origin WAF Dezavantajlar\u0131<\/span><\/h3>\n<ul>\n<li><strong>Kaynak t\u00fcketimi:<\/strong> ModSecurity yo\u011fun kural setleriyle \u00e7al\u0131\u015f\u0131rken CPU kullan\u0131m\u0131 artabilir. \u00d6zellikle k\u00fc\u00e7\u00fck <a href=\"https:\/\/www.dchost.com\/tr\/vps\">VPS<\/a>\u2019lerde k\u00f6t\u00fc ayarlanm\u0131\u015f bir WAF, trafi\u011finizden \u00f6nce sunucunun can\u0131n\u0131 yakar.<\/li>\n<li><strong>DDoS\u2019a tek ba\u015f\u0131na \u00e7are de\u011fil:<\/strong> L7 (uygulama katman\u0131) sald\u0131r\u0131lar\u0131n\u0131 azaltabilir ama L3\/L4 ve hacimsel DDoS sald\u0131r\u0131lar\u0131nda trafi\u011fin tamam\u0131 yine sunucunuza gelir.<\/li>\n<li><strong>Y\u00f6netim zorlu\u011fu:<\/strong> Yanl\u0131\u015f yap\u0131land\u0131r\u0131lm\u0131\u015f kurallar, \u00f6zellikle WooCommerce gibi karma\u015f\u0131k uygulamalarda m\u00fc\u015fterilerin \u00f6deme ad\u0131mlar\u0131n\u0131 bozabilir. Kurulumdan sonra bir s\u00fcre titiz log takibi ister.<\/li>\n<li><strong>G\u00fcncelleme ve test ihtiyac\u0131:<\/strong> OWASP CRS veya \u00f6zel kurallar\u0131 g\u00fcncel tutmak gerekir. Her g\u00fcncelleme k\u00fc\u00e7\u00fck de olsa test s\u00fcreci anlam\u0131na gelir.<\/li>\n<\/ul>\n<h3><span id=\"Gercekci_Senaryo_Tek_VPS_Uzerinde_WooCommerce\">Ger\u00e7ek\u00e7i Senaryo: Tek VPS \u00dczerinde WooCommerce<\/span><\/h3>\n<p>DCHost\u2019ta yay\u0131nda olan tipik bir KOB\u0130 senaryosu d\u00fc\u015f\u00fcnelim: Tek bir NVMe VPS \u00fczerinde \u00e7al\u0131\u015fan, T\u00fcrkiye hedefli bir WooCommerce ma\u011fazas\u0131. Trafik d\u00fczenli ama ani kampanyalarda art\u0131\u015f oluyor.<\/p>\n<ul>\n<li>Bu mimaride <strong>ModSecurity + OWASP CRS<\/strong> ile temel koruma,<\/li>\n<li>Ek olarak Nginx\/Apache rate limiting,<\/li>\n<li>Ve basit bir fail2ban kurgusu<\/li>\n<\/ul>\n<p>\u00e7o\u011fu SQLi\/XSS denemesini ve kaba kuvvet sald\u0131r\u0131lar\u0131n\u0131 sunucu taraf\u0131nda etkili \u015fekilde s\u00fcz\u00fcyor. Bu projede CDN WAF zorunlu de\u011fil; ancak uluslararas\u0131 trafik, yo\u011fun DDoS riski veya \u00e7ok say\u0131da bot taramas\u0131 ortaya \u00e7\u0131kt\u0131\u011f\u0131nda tablo de\u011fi\u015fiyor.<\/p>\n<h2><span id=\"CDN_WAF_Edge_Katmaninda_Guvenlik_Performans_ve_DDoS_Korumasi\">CDN WAF: Edge Katman\u0131nda G\u00fcvenlik, Performans ve DDoS Korumas\u0131<\/span><\/h2>\n<h3><span id=\"CDN_WAF_Nasil_Calisir\">CDN WAF Nas\u0131l \u00c7al\u0131\u015f\u0131r?<\/span><\/h3>\n<p>CDN WAF, DNS\u2019inizi CDN sa\u011flay\u0131c\u0131s\u0131na y\u00f6nlendirdi\u011finizde devreye giren, ziyaret\u00e7i ile origin sunucunuz aras\u0131na giren bir katmand\u0131r. T\u00fcm HTTP(S) trafi\u011fi \u00f6nce CDN\u2019in edge sunucusuna gelir, burada:<\/p>\n<ul>\n<li>IP itibar kontrolleri,<\/li>\n<li>Bot skorlama,<\/li>\n<li>Managed kural setleri (OWASP tabanl\u0131),<\/li>\n<li>Oran s\u0131n\u0131rlama (rate limiting) ve DDoS filtreleri<\/li>\n<\/ul>\n<p>uygulan\u0131r. Temizlenen istekler cache\u2019ten veya gerekirse origin\u2019den \u00e7ekilir.<\/p>\n<p>Cloudflare taraf\u0131nda WAF, bot korumas\u0131 ve rate limiting ayarlar\u0131n\u0131n nas\u0131l kurgulanaca\u011f\u0131n\u0131 ad\u0131m ad\u0131m g\u00f6rmek isterseniz, <a href=\"https:\/\/www.dchost.com\/blog\/cloudflare-guvenlik-ayarlari-rehberi-kucuk-isletme-siteleri-icin-waf-rate-limit-ve-bot-korumasi\/\">Cloudflare g\u00fcvenlik ayarlar\u0131 rehberimiz<\/a> ile <a href=\"https:\/\/www.dchost.com\/blog\/cloudflare-waf-kurallari-ve-oran-sinirlama-ile-wordpressi-botlardan-nasil-korursun\/\">Cloudflare WAF kurallar\u0131 ve oran s\u0131n\u0131rlama yaz\u0131m\u0131za<\/a> g\u00f6z atabilirsiniz.<\/p>\n<h3><span id=\"CDN_WAF_Avantajlari\">CDN WAF Avantajlar\u0131<\/span><\/h3>\n<ul>\n<li><strong>DDoS\u2019a kar\u015f\u0131 g\u00fc\u00e7l\u00fc kalkan:<\/strong> Hacimsel sald\u0131r\u0131lar daha sizin sunucunuza gelmeden CDN\u2019in devasa a\u011f\u0131 \u00fczerinde s\u00fcz\u00fcl\u00fcr. KOB\u0130\u2019ler i\u00e7in tek ba\u015f\u0131na bile oyun de\u011fi\u015ftirici olabilir.<\/li>\n<li><strong>Performans art\u0131\u015f\u0131:<\/strong> Statik i\u00e7erik cache\u2019lenir, dinamik i\u00e7erik bile baz\u0131 ak\u0131ll\u0131 cache politikalar\u0131yla hafifletilir. B\u00f6ylece origin WAF ve uygulama daha az y\u00fck alt\u0131nda kal\u0131r.<\/li>\n<li><strong>Kolay y\u00f6netim:<\/strong> \u00c7o\u011fu CDN WAF, haz\u0131r kural \u015fablonlar\u0131 ve basit aray\u00fczlerle gelir. Derin Linux bilgisi olmayan ekipler bile temel koruma kurallar\u0131n\u0131 h\u0131zla devreye alabilir.<\/li>\n<li><strong>Global eri\u015fim:<\/strong> Yurtd\u0131\u015f\u0131 trafik alan projelerde, ziyaret\u00e7iye en yak\u0131n edge noktas\u0131nda hem h\u0131z hem g\u00fcvenlik sa\u011flan\u0131r.<\/li>\n<\/ul>\n<h3><span id=\"CDN_WAF_Dezavantajlari\">CDN WAF Dezavantajlar\u0131<\/span><\/h3>\n<ul>\n<li><strong>Gizlilik ve uyumluluk sorular\u0131:<\/strong> T\u00fcm trafi\u011finiz \u00fc\u00e7\u00fcnc\u00fc taraf bir a\u011f \u00fczerinden ge\u00e7ti\u011fi i\u00e7in, KVKK\/GDPR ve s\u00f6zle\u015fmesel y\u00fck\u00fcml\u00fcl\u00fckler a\u00e7\u0131s\u0131ndan kimin neyi g\u00f6rd\u00fc\u011f\u00fcn\u00fc kurumsal olarak netle\u015ftirmeniz gerekir.<\/li>\n<li><strong>Loglama par\u00e7alan\u0131r:<\/strong> Bir k\u0131s\u0131m log CDN taraf\u0131nda, bir k\u0131s\u0131m origin taraf\u0131nda olu\u015fur. \u0130yi kurgulanmazsa sorun te\u015fhis s\u00fcre\u00e7leri uzar.<\/li>\n<li><strong>\u0130\u00e7 servisleri korumaz:<\/strong> Sadece CDN \u00fczerinden ge\u00e7en alan adlar\u0131n\u0131z i\u00e7in \u00e7al\u0131\u015f\u0131r. Admin panelleri, dahili API\u2019ler veya IP ile eri\u015filen servisler korunmaz.<\/li>\n<li><strong>Yanl\u0131\u015f kural\u0131n etkisi b\u00fcy\u00fck:<\/strong> Edge taraf\u0131nda yapt\u0131\u011f\u0131n\u0131z sert bir kural hatas\u0131, t\u00fcm trafi\u011fi kesebilir. \u00d6zellikle \u00f6deme sayfalar\u0131 i\u00e7in bypass kurallar\u0131 dikkatle tasarlanmal\u0131d\u0131r.<\/li>\n<\/ul>\n<h3><span id=\"Gercekci_Senaryo_Cok_Trafikli_Icerik_Sitesi\">Ger\u00e7ek\u00e7i Senaryo: \u00c7ok Trafikli \u0130\u00e7erik Sitesi<\/span><\/h3>\n<p>T\u00fcrkiye a\u011f\u0131rl\u0131kl\u0131 ama zaman zaman global trafi\u011fi de olan y\u00fcksek trafikli bir haber\/blog sitesini d\u00fc\u015f\u00fcnelim. Bu tip projelerde:<\/p>\n<ul>\n<li>CDN cache oran\u0131 y\u00fcksektir,<\/li>\n<li>Bot trafi\u011fi ve scrapper\u2019lar ciddi y\u00fck bindirir,<\/li>\n<li>Rakip kaynakl\u0131 DDoS denemeleri ola\u011fand\u0131r.<\/li>\n<\/ul>\n<p>Bu senaryoda CDN WAF, hem cache sayesinde sunucu maliyetini d\u00fc\u015f\u00fcrmek hem de geni\u015f \u00f6l\u00e7ekli sald\u0131r\u0131lar\u0131 daha siz fark etmeden vakumlamak i\u00e7in \u00e7ok g\u00fc\u00e7l\u00fc bir ara\u00e7t\u0131r. Bu t\u00fcr projeler i\u00e7in ayr\u0131ca <a href=\"https:\/\/www.dchost.com\/blog\/kucuk-ve-orta-olcekli-siteler-icin-ddos-koruma-stratejileri\/\">K\u00fc\u00e7\u00fck ve orta \u00f6l\u00e7ekli siteler i\u00e7in DDoS koruma stratejileri rehberimizi<\/a> mutlaka okuman\u0131z\u0131 \u00f6neririz.<\/p>\n<h2><span id=\"Kucuk_ve_Orta_Olcekli_Siteler_Icin_Karar_Matrisi\">K\u00fc\u00e7\u00fck ve Orta \u00d6l\u00e7ekli Siteler \u0130\u00e7in Karar Matrisi<\/span><\/h2>\n<p>Teoriyi bir kenara b\u0131rak\u0131p \u201cbizim site i\u00e7in ne mant\u0131kl\u0131?\u201d sorusuna gelelim. A\u015fa\u011f\u0131daki fakt\u00f6rleri netle\u015ftirdi\u011finizde origin WAF mi, CDN WAF m\u0131, yoksa hibrit mi sorusu \u00e7ok daha kolay cevaplan\u0131yor.<\/p>\n<h3><span id=\"1_Trafik_Hacmi_ve_Dagilimi\">1. Trafik Hacmi ve Da\u011f\u0131l\u0131m\u0131<\/span><\/h3>\n<ul>\n<li><strong>D\u00fc\u015f\u00fck-orta trafik, tek \u00fclke odakl\u0131:<\/strong> Genelde iyi ayarl\u0131 bir ModSecurity + temel h\u0131z optimizasyonlar\u0131 yeterli olur. CDN WAF, daha \u00e7ok DDoS ve bot bask\u0131s\u0131 hissetmeye ba\u015flad\u0131\u011f\u0131n\u0131z noktada devreye al\u0131nabilir.<\/li>\n<li><strong>Orta-y\u00fcksek trafik, \u00e7ok \u00fclkeli:<\/strong> CDN WAF taraf\u0131na e\u011filmek anlaml\u0131d\u0131r. Cache oran\u0131 y\u00fckseldik\u00e7e hem sunucu hem WAF maliyetiniz d\u00fc\u015fer.<\/li>\n<\/ul>\n<h3><span id=\"2_Tehdit_Modeli\">2. Tehdit Modeli<\/span><\/h3>\n<ul>\n<li><strong>A\u011f\u0131rl\u0131kl\u0131 olarak klasik zafiyetler:<\/strong> Zay\u0131f eklentiler, eski WordPress, basit SQL injection\/XSS denemeleri\u2026 Bu tabloda origin WAF + d\u00fczenli yama y\u00f6netimi \u00e7o\u011fu zaman yeterlidir.<\/li>\n<li><strong>D\u00fczenli DDoS veya yo\u011fun bot trafi\u011fi:<\/strong> Sald\u0131r\u0131n\u0131n hedefi bant geni\u015fli\u011finiz veya CPU de\u011fil, tamamen sitenizi \u00e7\u00f6kertmekse CDN WAF b\u00fcy\u00fck fark yarat\u0131r.<\/li>\n<li><strong>API odakl\u0131 SaaS \u00fcr\u00fcnleri:<\/strong> Yetkisiz istekler, brute-force denemeleri ve rate limiting ihtiyac\u0131 \u00f6ne \u00e7\u0131kar. Bu t\u00fcr projelerde hem CDN WAF hem de origin WAF birlikte kurgulanmaya daha uygundur. Ayr\u0131nt\u0131 i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/api-guvenligi-icin-hosting-mimarisi-jwt-cors-rate-limiting-ve-waf\/\">API g\u00fcvenli\u011fi ve WAF mimarisi rehberimize<\/a> mutlaka g\u00f6z at\u0131n.<\/li>\n<\/ul>\n<h3><span id=\"3_Teknik_Ekip_Kapasitesi\">3. Teknik Ekip Kapasitesi<\/span><\/h3>\n<ul>\n<li><strong>K\u00fc\u00e7\u00fck ekip, s\u0131n\u0131rl\u0131 Linux bilgisi:<\/strong> Cloudflare gibi bir CDN WAF\u2019in haz\u0131r \u015fablonlar\u0131yla ba\u015flamak, ard\u0131ndan DCHost \u00fczerindeki ModSecurity ayarlar\u0131n\u0131 minimum seviyede tutmak mant\u0131kl\u0131 olabilir.<\/li>\n<li><strong>Deneyimli DevOps\/Sysadmin ekibi:<\/strong> Hem origin WAF hem CDN WAF ince ayar yap\u0131larak birlikte kullan\u0131labilir. Kurallar\u0131 birbiriyle \u00e7ak\u0131\u015fmayacak \u015fekilde tasarlamak i\u00e7in log analizi \u015fartt\u0131r.<\/li>\n<\/ul>\n<h3><span id=\"4_Butce_ve_Maliyet-Getiri_Dengesi\">4. B\u00fct\u00e7e ve Maliyet-Getiri Dengesi<\/span><\/h3>\n<p>K\u00fc\u00e7\u00fck projelerde her ek hizmetin maliyetini sorgulamak do\u011fal. Genel tablo \u015fu \u015fekilde:<\/p>\n<ul>\n<li><strong>Origin WAF (ModSecurity):<\/strong> \u00c7o\u011fu zaman zaten DCHost gibi hosting sa\u011flay\u0131c\u0131n\u0131z\u0131n sundu\u011fu bir \u00f6zellik. Ek lisans maliyeti gerektirmez; as\u0131l maliyet, y\u00f6netim ve tuning taraf\u0131ndad\u0131r.<\/li>\n<li><strong>CDN WAF:<\/strong> Genelde trafik, istek say\u0131s\u0131 veya kural say\u0131s\u0131na g\u00f6re fiyatlan\u0131r. DDoS riski d\u00fc\u015f\u00fck, lokal bir siteyseniz ba\u015flang\u0131\u00e7 i\u00e7in \u015fart olmayabilir; ama bir sald\u0131r\u0131 ya\u015fad\u0131\u011f\u0131n\u0131z g\u00fcn paras\u0131n\u0131n kar\u015f\u0131l\u0131\u011f\u0131n\u0131 fazlas\u0131yla verir.<\/li>\n<\/ul>\n<h2><span id=\"Hibrit_Model_Origin_WAF_CDN_WAF_Birlikte_Nasil_Kullanilir\">Hibrit Model: Origin WAF + CDN WAF Birlikte Nas\u0131l Kullan\u0131l\u0131r?<\/span><\/h2>\n<p>Ger\u00e7ekte orta ve b\u00fcy\u00fck projelerde en sa\u011fl\u0131kl\u0131 mimari \u00e7o\u011fu zaman hibrittir: <strong>\u201c\u00d6nce edge\u2019te kaba filtre, sonra origin\u2019de ince ayar.\u201d<\/strong> K\u00fc\u00e7\u00fck ve orta \u00f6l\u00e7ekli projelerde bile, belirli bir e\u015fi\u011fi ge\u00e7ti\u011finizde bu modelin faydas\u0131n\u0131 net g\u00f6rmeye ba\u015fl\u0131yorsunuz.<\/p>\n<h3><span id=\"Tipik_Hibrit_Akis\">Tipik Hibrit Ak\u0131\u015f<\/span><\/h3>\n<ol>\n<li>DNS, alan ad\u0131n\u0131z\u0131 CDN\u2019e y\u00f6nlendirir.<\/li>\n<li>CDN WAF, IP itibar\u0131n\u0131, basit botlar\u0131, bilinen exploit pattern\u2019lerini ve hacimsel sald\u0131r\u0131lar\u0131 daha sunucunuza gelmeden s\u00fczer.<\/li>\n<li>Temizlenen istekler DCHost\u2019taki origin sunucunuza gelir.<\/li>\n<li>ModSecurity, uygulamaya \u00e7ok \u00f6zel kurallarla ikinci bir filtre uygular; staging alt alan adlar\u0131, admin panelleri gibi CDN\u2019den ge\u00e7meyen par\u00e7alar da burada korunur.<\/li>\n<\/ol>\n<h3><span id=\"Hibrit_Kullanirken_Dikkat_Etmeniz_Gerekenler\">Hibrit Kullan\u0131rken Dikkat Etmeniz Gerekenler<\/span><\/h3>\n<ul>\n<li><strong>Kural katman\u0131 ayr\u0131m\u0131 yap\u0131n:<\/strong> \u00c7ok genel imza ve IP itibar kontrollerini CDN WAF\u2019e; uygulamaya \u00f6zel, parametre\/URL odakl\u0131 kurallar\u0131 ModSecurity taraf\u0131na koymak, \u00e7ak\u0131\u015fma riskini azalt\u0131r.<\/li>\n<li><strong>Loglar\u0131 tek yerden okuyun:<\/strong> M\u00fcmk\u00fcnse CDN loglar\u0131n\u0131 da merkezi loglama sisteminize (\u00f6rne\u011fin ELK veya Loki) aktar\u0131n. B\u00f6ylece \u201cbu istek edge\u2019te mi, origin\u2019de mi kesilmi\u015f?\u201d sorusunun yan\u0131t\u0131 bir ekranda g\u00f6r\u00fcn\u00fcr.<\/li>\n<li><strong>Health-check ve bypass senaryolar\u0131n\u0131 planlay\u0131n:<\/strong> CDN taraf\u0131nda hatal\u0131 bir kural t\u00fcm siteyi kapat\u0131rsa, DNS\u2019i h\u0131zl\u0131ca direkt origin\u2019e \u00e7ekebilecek bir runbook\u2019unuz olsun. Ayn\u0131 \u015fekilde origin\u2019de sorun ya\u015fad\u0131\u011f\u0131n\u0131zda, CDN \u00fczerinden bak\u0131m sayfas\u0131 g\u00f6stermek i\u00e7in kurgunuz haz\u0131r olsun.<\/li>\n<\/ul>\n<p>Bu hibrit modelin pratikte nas\u0131l \u00e7al\u0131\u015ft\u0131\u011f\u0131n\u0131 ve ModSecurity ile Cloudflare WAF\u2019\u0131n nas\u0131l bar\u0131\u015ft\u0131r\u0131labilece\u011fini daha hikayeli bir dille okumak isterseniz, <a href=\"https:\/\/www.dchost.com\/blog\/waf-ve-bot-korumasi-cloudflare-modsecurity-ve-fail2bani-ayni-masada-baristirmanin-sicacik-hikayesi\/\">WAF ve bot korumas\u0131 \u00fczerine yazd\u0131\u011f\u0131m\u0131z detayl\u0131 rehbere<\/a> mutlaka g\u00f6z at\u0131n.<\/p>\n<h2><span id=\"DCHost_Perspektifinden_Onerilen_Yol_Haritasi\">DCHost Perspektifinden \u00d6nerilen Yol Haritas\u0131<\/span><\/h2>\n<h3><span id=\"1_paylasimli_hosting_veya_Kucuk_VPS_Uzerindeki_Kurumsal_Site\">1. <a href=\"https:\/\/www.dchost.com\/tr\/web-hosting\">payla\u015f\u0131ml\u0131 hosting<\/a> veya K\u00fc\u00e7\u00fck VPS \u00dczerindeki Kurumsal Site<\/span><\/h3>\n<p>Yeni a\u00e7\u0131lm\u0131\u015f bir kurumsal WordPress sitesi, blog veya basit bir hizmet sitesi i\u00e7in genelde \u015fu stratejiyi \u00f6neriyoruz:<\/p>\n<ul>\n<li>DCHost taraf\u0131nda <strong>ModSecurity + OWASP CRS\u2019in makul seviyede a\u00e7\u0131k<\/strong> oldu\u011fundan emin olun.<\/li>\n<li>WordPress, eklentiler ve tema g\u00fcncellemelerini d\u00fczenli takip edin; WAF, yamalanmam\u0131\u015f kritik a\u00e7\u0131klar\u0131n yerini dolduramaz.<\/li>\n<li>Brute-force giri\u015fleri i\u00e7in basit rate limiting ve gerekirse 2FA kullan\u0131n.<\/li>\n<\/ul>\n<p>Bu a\u015famada CDN WAF kullanmak <em>g\u00fczel bir ekstra<\/em>d\u0131r ama \u00e7o\u011fu k\u00fc\u00e7\u00fck i\u015fletme i\u00e7in zorunlu de\u011fildir. As\u0131l odak, yaz\u0131l\u0131m g\u00fcncelli\u011fi, yedekler ve temel WAF korumas\u0131 olmal\u0131d\u0131r.<\/p>\n<h3><span id=\"2_Buyuyen_WooCommerce_Magazasi_veya_Orta_Olcekli_Icerik_Sitesi\">2. B\u00fcy\u00fcyen WooCommerce Ma\u011fazas\u0131 veya Orta \u00d6l\u00e7ekli \u0130\u00e7erik Sitesi<\/span><\/h3>\n<p>Trafi\u011finiz y\u00fckseliyor, stok\/\u00f6deme hatalar\u0131 ya\u015fand\u0131\u011f\u0131nda maddi kayb\u0131n\u0131z art\u0131yorsa tablo de\u011fi\u015fir:<\/p>\n<ul>\n<li>Origin taraf\u0131nda ModSecurity\u2019yi biraz daha s\u0131k\u0131la\u015ft\u0131r\u0131r, yanl\u0131\u015f pozitifleri izleyerek ince ayar yapar\u0131z.<\/li>\n<li>CDN devreye al\u0131narak hem <strong>cache<\/strong> ile performans, hem de <strong>CDN WAF<\/strong> ile DDoS ve bot korumas\u0131 g\u00fc\u00e7lendirilir.<\/li>\n<li>\u00d6deme ve sepet ad\u0131mlar\u0131 i\u00e7in CDN taraf\u0131nda \u201cbypass\/\u00f6zel kural\u201d senaryolar\u0131 net tan\u0131mlan\u0131r.<\/li>\n<\/ul>\n<p>Bu b\u00fcy\u00fcme a\u015famas\u0131nda genelde WAF katmanlar\u0131yla birlikte, log analizi, yedek stratejisi ve \u00f6l\u00e7eklendirme konular\u0131n\u0131 da masaya yat\u0131r\u0131yoruz. \u0130lgili di\u011fer konular i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/woocommerce-icin-cdn-ve-onbellek-ayarlari-sepet-ve-odeme-sayfalarini-bozmadan-hizlanmak\/\">WooCommerce i\u00e7in CDN ve \u00f6nbellek ayarlar\u0131 rehberimize<\/a> g\u00f6z atman\u0131z faydal\u0131 olacakt\u0131r.<\/p>\n<h3><span id=\"3_SaaS_API_ve_Ozel_Panel_Yogun_Projeler\">3. SaaS, API ve \u00d6zel Panel Yo\u011fun Projeler<\/span><\/h3>\n<p>\u00c7ok kirac\u0131l\u0131 SaaS uygulamalar\u0131, mobil uygulama backend\u2019leri veya m\u00fc\u015fteri panelleri olan projelerde:<\/p>\n<ul>\n<li><strong>CDN WAF<\/strong> ile IP itibar kontrol\u00fc, temel bot s\u00fczme, \u00fclke bazl\u0131 engelleme ve API rate limiting devreye al\u0131n\u0131r.<\/li>\n<li><strong>Origin WAF (ModSecurity)<\/strong> ile belirli endpoint\u2019lere, HTTP metotlar\u0131na (POST, PUT, DELETE) ve hassas parametrelere \u00f6zel kurallar yaz\u0131l\u0131r.<\/li>\n<li>JWT, CORS, mTLS gibi di\u011fer g\u00fcvenlik mekanizmalar\u0131yla birlikte ele al\u0131n\u0131r.<\/li>\n<\/ul>\n<p>Bu mimarilerde tek bir WAF katman\u0131na g\u00fcvenmek yerine, zincirin her halkas\u0131n\u0131 g\u00fc\u00e7lendirmek gerekir. DCHost olarak bu tip projelerde hem VPS hem <a href=\"https:\/\/www.dchost.com\/tr\/fiziksel-sunucu\">dedicated sunucu<\/a>, hem de gerekiyorsa colocation taraf\u0131nda size uygun yap\u0131y\u0131 birlikte tasarl\u0131yoruz.<\/p>\n<h2><span id=\"Sonuc_Hangi_Katmanla_Baslamali_Ne_Zaman_Digerine_Gecmelisiniz\">Sonu\u00e7: Hangi Katmanla Ba\u015flamal\u0131, Ne Zaman Di\u011ferine Ge\u00e7melisiniz?<\/span><\/h2>\n<p>\u00d6zetleyelim:<\/p>\n<ul>\n<li><strong>S\u0131f\u0131r noktas\u0131nda:<\/strong> DCHost \u00fczerindeki sitenizde mutlaka <strong>origin WAF (ModSecurity)<\/strong> a\u00e7\u0131k olsun. Bu, k\u00fc\u00e7\u00fck sitelerde bile \u201colmazsa olmaz\u201d temel g\u00fcvenlik katman\u0131d\u0131r.<\/li>\n<li><strong>D\u00fczenli trafik ve gelir \u00fcretmeye ba\u015flad\u0131\u011f\u0131n\u0131zda:<\/strong> Loglar\u0131 izleyin, yanl\u0131\u015f pozitifleri azalt\u0131n, kritik sayfalar (login, \u00f6deme, API) i\u00e7in \u00f6zel kurallar tan\u0131mlay\u0131n.<\/li>\n<li><strong>DDoS bask\u0131s\u0131, yo\u011fun bot trafi\u011fi veya global ziyaret\u00e7i art\u0131\u015f\u0131 g\u00f6rd\u00fc\u011f\u00fcn\u00fczde:<\/strong> CDN WAF\u2019i devreye almay\u0131 masaya koyun. B\u00f6ylece bant geni\u015fli\u011fi ve CPU\u2019nuzun b\u00fcy\u00fck bir k\u0131sm\u0131n\u0131 edge\u2019te korumu\u015f olursunuz.<\/li>\n<li><strong>SaaS ve API projelerinde:<\/strong> Hibrit model (CDN WAF + origin WAF) neredeyse standartt\u0131r. Tek katmana g\u00fcvenmek yerine savunmay\u0131 katmanl\u0131 d\u00fc\u015f\u00fcnmek, riskinizi ciddi \u015fekilde d\u00fc\u015f\u00fcr\u00fcr.<\/li>\n<\/ul>\n<p>En sa\u011fl\u0131kl\u0131 yakla\u015f\u0131m, proje t\u00fcr\u00fc, trafik, b\u00fct\u00e7e ve ekip yap\u0131n\u0131z\u0131 birlikte de\u011ferlendirmek. DCHost\u2019ta biz genelde \u00f6nce origin WAF\u2019i sa\u011flamla\u015ft\u0131r\u0131p, ard\u0131ndan gerek g\u00f6rd\u00fc\u011f\u00fcm\u00fcz noktada CDN WAF ile destekleyen bir yol haritas\u0131 \u00e7iziyoruz. Siz de altyap\u0131n\u0131z\u0131 g\u00f6zden ge\u00e7irirken, mevcut risklerinizi, loglar\u0131n\u0131z\u0131 ve b\u00fcy\u00fcme plan\u0131n\u0131z\u0131 beraber de\u011ferlendirmek isterseniz, DCHost ekibi olarak mimarinizi inceleyip somut \u00f6neriler sunmaktan memnuniyet duyar\u0131z.<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>\u0130&ccedil;indekiler1 Origin WAF ve CDN WAF Aras\u0131ndaki Fark\u0131 Do\u011fru Anlamak2 Temel Tan\u0131mlar: Origin WAF (ModSecurity) ve CDN WAF Nedir?3 Origin WAF (ModSecurity): K\u00fc\u00e7\u00fck ve Orta \u00d6l\u00e7ekli Siteler \u0130\u00e7in Art\u0131lar ve Eksiler3.1 Origin WAF\u2019in Temel \u00d6zellikleri3.2 Origin WAF Avantajlar\u01313.3 Origin WAF Dezavantajlar\u01313.4 Ger\u00e7ek\u00e7i Senaryo: Tek VPS \u00dczerinde WooCommerce4 CDN WAF: Edge Katman\u0131nda G\u00fcvenlik, Performans ve DDoS [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":4873,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-4872","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/4872","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/comments?post=4872"}],"version-history":[{"count":0,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/4872\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media\/4873"}],"wp:attachment":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media?parent=4872"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/categories?post=4872"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/tags?post=4872"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}