Web Application Firewall (WAF) is the firewall which filter, Monitor and blocks the HTTP traffic to and from the web application. WAF is different from the system regular firewall because regular firewall provides the safety gates between the server while the WAF filter the content of the web application. It protect the web application by controlling the input and output and access to and from the web application. When we apply WAF on any web application it inspect every HTML, HTTPS, SOAP and XML data packet. Basically WAF is used to prevent from the HTTP attacks such as cross site scripting(xss), sql injection etc.
Why we use WAF ?
Now days the HTTP attacks are increase day by day on web applications. So to prevent the web application from HTTP attacks such as Cross Site Scripting, Sql Injection, Buffer Overflow, etc.
We use the Web Application Firewall. It also prevent the web application from the unknown attacks
by watching the unfamiliar pattern in the traffic data. It monitor the traffic before reaching to the web application on the basis of rule base pattern and if it found any harmful pattern it remove or discard the request to go on the web application.
There are some common and harm full HTTP attacks from which the Web Application Firewall prevent the Web Application are as follows:-
- Hidden Field Manipulation.
- Cookie Poisoning.
- Parameter Tampering.
- Buffer Overflow.
- Cross Site Scripting.
- Backdoor or Debug Options.
- Forceful Browsing.
- Stealth Commanding.
- Third Party misconfigurations.
WAF is setup in front of the web application and analyze the bi-directional HTTP traffic.
Web application Firewall can be network based or host based and setup through the proxy and placed in front of one or more than one web application.
Benefits Of Using WAF :-
When we setup the WAF in front of the web application it work like an x-ray machine which scan the all request both coming and outgoing to the web application. It prevent the data leakage from the web application. Suppose in web application the data of credit card, health information and other critical data of the customer is stored and if the web application firewall is not setup on the web application than the hacker can easily leaked the data . So the most WAF vendors write the high-level behavioral signature for credit cards and any other social security numbers. User can also write their own behavioral signature for anything they want to protect from hacking or leakage.
Automatically temporary patches:-
Depend on any company or organization run the susceptibility scans on the server or any web application quarterly, annually. If the suspicious data or error was found on the server or in any web application than in that condition some companies and organization have the man power to repair that technical error permanently but many of the companies and organization don’t have the man power of technical person who have the knowledge on that product. So in this situation WAF
Automatically handle the error temporary until the permanent repair will done on that product.