What is a WAF and how does it work?
A WAF (Web Application Firewall) protects web applications from common vulnerabilities by filtering out malicious HTTP traffic between the client and the web application. A WAF can be considered a reverse proxy: it protects web applications from malicious endpoints, whereas a proxy server protects clients from malicious applications.
Benefits of a WAF
A WAF can prevent data leakage by scanning every request to your servers. When something seems unusual, the WAF prevents the data from leaving your network, so it never reaches the person who may be trying to access it.
Applications contain many vulnerabilities, some of which are commonly found in legacy applications or applications with poor coding. Using custom policies, a WAF can compensate for these deficiencies in the code. With a WAF you can create custom rules and policies that target certain types of threats, allowing for further tailoring, as your web application may be more prone to one specific attack than to others.
Types of attacks that WAFs can prevent
- Layer 7 DoS – An HTTP flood attack that uses valid requests in URL data retrievals.
- SQL Injections – Attackers compromise the application and underlying systems by injecting malicious code into a web entry field.
- Cross-site Scripting (XSS) – The injection of client-side scripts into the web pages viewed by other users.
- Cookie Poisoning – Changing cookies to gain unauthorized information about a user.
- Cross-Site Request Forgery (CSRF) – These attacks occur when a user is tricked into clicking a link or downloading a file that executes unwanted actions on a user session.
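The filtering and custom policies described above can be sketched as a small request inspector. This is an added example, not code from any WAF product: the class MiniWaf, its parameters, the two signatures and the sample requests are all hypothetical, and it covers only the Layer 7 DoS, SQL injection and XSS items from the list.

```python
import re
import time
from collections import defaultdict, deque
from urllib.parse import unquote_plus

# Illustrative signatures only (assumption); real rule sets are far broader.
SIGNATURES = {
    "sqli": re.compile(r"('|\")\s*(or|and)\s+[\w'\"]+\s*=|union\s+select|;\s*drop\s+table", re.I),
    "xss": re.compile(r"<\s*script\b|javascript:|\bon\w+\s*=", re.I),
}

class MiniWaf:
    """Hypothetical inspector: per-client rate limit plus signature rules."""
    def __init__(self, max_requests=5, window_seconds=10.0, disabled_rules=()):
        self.max_requests = max_requests
        self.window = window_seconds
        self.disabled = set(disabled_rules)  # custom policy: rules switched off for this app
        self.history = defaultdict(deque)    # client IP -> timestamps of recent requests

    def inspect(self, client_ip, path, params, now=None):
        """Return ("allow", None) or ("block", rule_name) for one request."""
        now = time.monotonic() if now is None else now
        times = self.history[client_ip]
        while times and now - times[0] > self.window:
            times.popleft()                  # forget requests outside the window
        times.append(now)
        if "rate_limit" not in self.disabled and len(times) > self.max_requests:
            return ("block", "rate_limit")
        # Decode first so URL-encoded payloads are matched in their decoded form.
        fields = [unquote_plus(path)] + [unquote_plus(v) for v in params.values()]
        for name, pattern in SIGNATURES.items():
            if name not in self.disabled and any(pattern.search(f) for f in fields):
                return ("block", name)
        return ("allow", None)

# Constructed sample requests (not real traffic): (client_ip, path, raw params)
SAMPLES = [
    ("198.51.100.7", "/search", {"q": "blue shoes"}),
    ("198.51.100.7", "/item", {"id": "1' OR '1'='1"}),
    ("198.51.100.7", "/comment", {"text": "%3Cscript%3Ealert(1)%3C/script%3E"}),
]

def demo():
    """Return the rule that fired for each sample (None means allowed)."""
    waf = MiniWaf()
    return [waf.inspect(ip, path, params, now=float(i))[1]
            for i, (ip, path, params) in enumerate(SAMPLES)]
```

Passing disabled_rules=("xss",) models a per-application policy: the same engine then lets the third sample through, which is the kind of tuning a custom rule set allows.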
Why you need a WAF
These days hackers are highly active in trying to take down web applications or steal personal data, and by not having any protection you are putting both your web application and your users at risk of attack. By using a WAF you can avoid these threats and any other problems that may occur afterwards.