What is a web application firewall?

Overview
A web application firewall (WAF) blocks all web traffic that does not meet the firewall's configured rules.

A web application firewall (WAF) operates by monitoring and blocking input, output, or system service calls that do not meet the firewall’s configured rules. An application firewall is usually built to control all network traffic on any OSI layer up to the application layer. WAFs protect web applications and servers from web-based attacks that intrusion prevention systems (IPSs) cannot. They can be network-based or host-based, and they sit in-line to monitor traffic to and from web applications and servers.

We use ModSecurity as our WAF along with the other request filtering features for our Apache HTTP Server.

Whereas IPSs examine traffic against signatures and anomalies, WAFs investigate the behavior and logic of what is requested and returned. WAFs protect against web application threats like SQL injection, cross-site scripting, session hijacking, parameter or URL tampering, and buffer overflows.

WAFs are usually deployed using some sort of proxy, in front of the web applications, so they do not see all traffic. By monitoring traffic before it reaches the web application, WAFs can analyze requests before passing them on. This is what gives them the advantage over IPSs: because IPSs are designed to interrogate all network traffic, they cannot analyze the application layer as thoroughly.

WAFs not only detect intrusions that are known to occur in web application environments, but can also recognize and prevent new, unknown types of attacks. By watching for unusual or unexpected patterns in the traffic, WAFs can alert on and defend against unknown attacks.
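
The two kinds of check described above can be shown side by side: signatures for known attacks, and a profile of expected traffic that catches requests no signature covers. This Python example is added for illustration and is not Nexcess's or ModSecurity's own code. The /product path, the parameter names, the simplified patterns and the sample requests are all constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Known-attack signatures (simplified, constructed for this example).
SIGNATURES = {
    "sql-injection": re.compile(r"(?i)('\s*or\s+\d+\s*=\s*\d+|union\s+select)"),
    "cross-site-scripting": re.compile(r"(?i)<\s*script\b"),
}

# Expected-traffic profile: which parameters each path accepts, and in what
# format. The path and parameter names are hypothetical.
EXPECTED = {
    "/product": {"id": re.compile(r"\d{1,6}"), "sort": re.compile(r"name|price")},
}

def inspect(url):
    """Return (verdict, reason) for a request URL, as an in-line proxy would
    decide before passing the request on to the web application."""
    parts = urlsplit(url)
    params = parse_qsl(parts.query, keep_blank_values=True)  # URL-decodes values
    # Pass 1: known attack patterns in any parameter value.
    for name, value in params:
        for label, pattern in SIGNATURES.items():
            if pattern.search(value):
                return ("block", f"signature:{label} in '{name}'")
    # Pass 2: anything that does not fit the expected profile.
    schema = EXPECTED.get(parts.path)
    if schema is None:
        return ("block", "unexpected path")
    for name, value in params:
        rule = schema.get(name)
        if rule is None:
            return ("block", f"unexpected parameter '{name}'")
        if not rule.fullmatch(value):
            return ("block", f"unexpected format for '{name}'")
    return ("allow", "matches expected profile")

# Constructed sample requests.
SAMPLES = [
    "/product?id=42&sort=price",
    "/product?id=42%27%20OR%201%3D1--",
    "/product?id=42&note=%3Cscript%3Ealert(1)%3C/script%3E",
    "/product?id=42&sort=price&admin=true",  # parameter tampering, no signature
    "/product?id=-1",                        # value tampering, no signature
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", inspect(url))
```

The last two samples match no signature and are blocked only because they fall outside the expected profile, which is how unusual or unexpected patterns reveal attacks that have no known signature.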

 

For 24-hour assistance any day of the year, contact our Support Team by email or through the Client Portal.
