Wafris, an open-source web application firewall company, has transitioned from using Redis to SQLite as the backing datastore for its Rails middleware client. This change, detailed by Michael Buckbee in a blog post, stems from the challenges users faced with Redis deployment, which often complicated the user experience and introduced issues that detracted from Wafris's goal of simplifying web application security. Initially, the decision to use Redis was influenced by its accessibility within the Heroku ecosystem and the success of similar projects. However, as Wafris grew, it became clear that requiring users to manage a Redis database was counterproductive. Many users encountered difficulties that made the setup cumbersome, leading to a reconsideration of the architecture. The performance of Redis, while generally fast, was hindered by network latency, especially in cloud environments where every HTTP request needed to be evaluated against security rules. This latency became a significant bottleneck, prompting the need for a more efficient solution. The architectural shift to SQLite aimed to eliminate network round trips, thereby improving performance. SQLite was chosen for its ability to handle read operations efficiently, which is crucial for Wafris's functionality. The benchmarking process revealed that SQLite outperformed Redis in their specific use case, achieving approximately three times the speed in local tests. This performance gain was particularly valuable as it negated the need for network latency, which would have further slowed down operations. The new architecture also addressed the complexities of deployment. With SQLite, users no longer needed to manage a separate database server. Instead, the Wafris client would periodically check for updates and download a new SQLite database as needed, simplifying the installation process and increasing successful deployments. While the write operations were initially overlooked in the testing, the architecture was adapted to handle them asynchronously. This approach allowed for batch reporting without burdening the client with database write responsibilities, focusing instead on delivering a fast and easy-to-use solution for users. Overall, the transition to SQLite has resulted in a more streamlined and efficient Wafris client, enhancing user experience and improving the security of web applications. The company continues to prioritize ease of deployment and performance, aiming to provide a robust solution for web application security.