A web application firewall is a security service deployed to protect online applications. It monitors traffic to and from a web application and filters or blocks it if it meets, or fails to meet, certain criteria. A web application firewall differs from a traditional firewall because it monitors and controls traffic between specific online applications, rather than between servers.
Terms related to Web Application Firewall: Firewall, malware, antivirus, hacking, breach, vulnerability, cybersecurity, whitelist, blacklist.
A web application firewall is a sophisticated software service that monitors, identifies, and filters traffic to and from an online application or website. It is a primary line of defense in protecting against exploits that can steal data or cause disruption to web applications.
Web application firewalls attempt to block attacks including hidden field manipulation, cookie poisoning, parameter tampering, buffer overflow, cross-site scripting, SQL code injection, backdoor or debug options, stealth commanding, forced browsing, third-party misconfigurations, and known vulnerabilities.
Web application firewalls use a combination of rule-based logic, whitelists, blacklists, parsing, and signatures to identify and remove potential threats. This type of firewall is placed between the online application and the public internet and analyzes HTTP traffic flowing to and from the application. The firewall is completely independent of the web application and exists as a separate and distinct security service.
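A minimal sketch of how these rule types combine on a single HTTP request, added here as an illustration and not taken from any web application firewall product. The rule values, the addresses, and the `inspect` function are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# All rules and values below are constructed for illustration.
ALLOWED_METHODS = {"GET", "POST"}            # whitelist of HTTP methods
ALLOWED_PATHS = {"/", "/search", "/login"}   # whitelist of paths (stops forced browsing)
BLOCKED_CLIENTS = {"203.0.113.7"}            # blacklist (documentation-range address)
SIGNATURES = {                               # signatures for known attack patterns
    "sql-injection": re.compile(
        r"['\"]\s*(?:or|and)\s+[\w'\"]+\s*=|\bunion\s+select\b", re.I),
    "cross-site-scripting": re.compile(
        r"<\s*script\b|javascript:|\bon\w+\s*=", re.I),
}

def inspect(client_ip, method, url, body=""):
    """Return (action, reason) for one request; body is form-encoded text."""
    if client_ip in BLOCKED_CLIENTS:
        return ("block", "blacklisted client")
    if method.upper() not in ALLOWED_METHODS:
        return ("block", "method not whitelisted")

    parts = urlsplit(url)
    if unquote(parts.path) not in ALLOWED_PATHS:
        return ("block", "path not whitelisted")

    # Parsing: parse_qsl percent-decodes each parameter, so signatures are
    # matched against the value the application would actually receive.
    params = (parse_qsl(parts.query, keep_blank_values=True)
              + parse_qsl(body, keep_blank_values=True))
    for name, value in params:
        for label, pattern in SIGNATURES.items():
            if pattern.search(value):
                return ("block", f"{label} in parameter '{name}'")
    return ("allow", "no rule matched")

if __name__ == "__main__":
    # Constructed sample requests.
    samples = [
        ("198.51.100.10", "GET", "/search?q=firewall", ""),
        ("198.51.100.10", "GET", "/search?q=%27%20OR%201%3D1", ""),
        ("198.51.100.10", "POST", "/login", "user=a&note=%3Cscript%3Ex%3C/script%3E"),
        ("198.51.100.10", "GET", "/admin/debug", ""),
        ("203.0.113.7", "GET", "/", ""),
    ]
    for sample in samples:
        print(sample[1], sample[2], "->", inspect(*sample))
```

Production rule sets are far larger and normalize many more encodings; the sketch only shows how the blacklist, whitelist, parsing, and signature checks layer in order.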
Although most web application firewalls are software-based, it’s also possible to deploy web application firewalls built around hardware or servers. They can be stand-alone services or integrated into other network components.
Web application firewalls should be used alongside other security technology, approaches, and tools to provide proper security for online applications. This might include vulnerability scanning, penetration testing, web application security scanning, network firewalls, and security monitoring.