Votes: 0Posted On: Jun 02, 2017 03:50:42
Before understanding the concepts of Web application firewall, let us first understand the basics of the firewall. The firewall is a system used as a protection to your network. It is basically a gateway between the network and the internet which focuses on preventing the flow of unwanted data to or from the network. Firewalls can be both hardware and software based. The firewalls control and manipulate the flow of data according to pre-defined conditions set by the user. For instance, you are a company that intends to block data from all commercial websites; you can do that by allowing only specific IP addresses that can enter your network.
Web Application Firewall
Web Application Firewalls (WAFs) refers to the firewall that controls the website traffic of the network. It is a specific firewall that functions over the web applications only.
The interaction of web applications takes place under the supervision of HTTP protocol. The HTTP (Hyper Text Transfer Protocol) is the base of all communication between the web applications. When the web applications want to interact with the web server, they send out http requests to access the server (generally the websites are hosted on only a part of the server). The server responds to the request by sending a response message.
The Web Application Firewall is configured in such a way that it controls the inflow of http packets from the sources specified to it. This avoids the use of unwanted data to enter your network. It also secures your web server from an http flood attack. Other types of security flaws such as SQL injection and cross-site scripting can also be prevented by web application firewalls.
Keep in mind that web application firewalls work only on web-based applications. You would need a different firewall to prevent attacks on other ports.