March 2026 monthly summary for alphagov/govuk-helm-charts focused on stabilizing and unifying monitoring and runbook/documentation across environments. Key work consolidated to eliminate duplicates, ensure a single source of truth, and align tests/docs with updated alert flows, delivering measurable business value through more reliable alerts and clearer operator guidance.

Delivered and refined the Web Application Firewall (WAF) for Find and CKAN with environment-aware rate limiting, including per-environment thresholds, enhanced logging, and a centralized configuration refactor. Implemented WAF client IP header selection fixes to ensure accurate rate limiting based on the real client IP, aligning with X-Forwarded-For and True-Client-IP handling. Refactored WAF configuration to extract variables and outputs for easier maintenance; updated CKAN and staging/production rate limits, and removed legacy forwarded_ip_config details. Results: improved protection against abuse, reduced false positives, and clearer configuration management across environments.