
waf

A web application firewall (WAF) is a security device or service designed to monitor, filter, and block HTTP/S traffic to and from a web application. Unlike network firewalls, which operate at lower layers, a WAF focuses on the application layer and can understand HTTP requests, headers, cookies, and payloads. It is intended to protect against web-specific exploits such as SQL injection, cross-site scripting, cross-site request forgery, and other OWASP Top 10 risks, by applying a set of rules to incoming and sometimes outgoing traffic.

WAFs can be deployed as inline reverse proxies, transparent probes, or cloud-based services integrated with content delivery networks. A typical WAF inspects each request, matches it against rule sets, and then allows, blocks, or modifies traffic. It may perform TLS termination for inspection and can enforce rate limits and bot protection.

Key features include signature-based protection, anomaly detection, bot mitigation, API protection, virtual patching, TLS offloading, and extensive logging. WAF rule sets may be customized to suit an application’s specific risk profile and compliance requirements, and many products support automated updates and integration with security information and event management systems.

Operational considerations include rule maintenance, potential latency, and the risk of false positives or negatives. Effective deployment often requires tuning, testing, and ongoing monitoring. Common deployment options include cloud services (SaaS), on-premises appliances or software, and hybrid setups. A WAF is not a substitute for secure coding but a complement to other security controls.

Examples include AWS WAF, Cloudflare WAF, Imperva, Akamai, F5 BIG-IP ASM, and Barracuda.
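The following is an added illustration, not code from this page or from any of the products it names, of the request-inspection loop described above: each request is normalized (URL-decoded), matched against a rule set, rate-limited per client, and then allowed or blocked with a log entry. The rule identifiers, regular expressions, paths and client addresses are all hypothetical values constructed for the example, and the final cases show the operational point the page makes about false positives: a legitimate comment trips a blocking signature until that rule is excluded for the affected path.

```python
"""Minimal rule-based request inspector in the style of a WAF (added example)."""
import re
import time
from collections import defaultdict, deque
from dataclasses import dataclass, field
from typing import Deque, Dict, List, Optional, Set
from urllib.parse import unquote_plus


@dataclass
class Request:
    """One HTTP request as the inspector sees it (constructed, not captured)."""
    client_ip: str
    method: str
    path: str
    query: str = ""
    body: str = ""


@dataclass
class Rule:
    rule_id: str          # hypothetical ids, not from any vendor rule set
    description: str
    pattern: re.Pattern
    action: str           # "block" or "log"


@dataclass
class Decision:
    action: str           # "allow" or "block"
    reason: str
    matched: List[str] = field(default_factory=list)


# Hypothetical signatures for illustration; real rule sets are far larger.
RULES: List[Rule] = [
    Rule("ex-1001", "SQL tautology or comment sequence",
         re.compile(r"(?i)\bor\b\s+\d+\s*=\s*\d+|--\s"), "block"),
    Rule("ex-1002", "script tag (cross-site scripting)",
         re.compile(r"(?i)<\s*script\b"), "block"),
    Rule("ex-1003", "path traversal sequence", re.compile(r"\.\./"), "block"),
    Rule("ex-2001", "SQL keyword in input (log only, for tuning)",
         re.compile(r"(?i)\b(select|union)\b"), "log"),
]


class Waf:
    def __init__(self, rules: List[Rule], rate_limit: int = 5,
                 window_seconds: float = 60.0,
                 exclusions: Optional[Dict[str, Set[str]]] = None):
        self.rules = rules
        self.rate_limit = rate_limit
        self.window = window_seconds
        # path -> rule ids disabled for that path (per-application tuning)
        self.exclusions = exclusions or {}
        self._history: Dict[str, Deque[float]] = defaultdict(deque)
        self.log: List[str] = []

    def _rate_limited(self, ip: str, now: float) -> bool:
        """Sliding-window request counter per client IP."""
        hits = self._history[ip]
        while hits and now - hits[0] > self.window:
            hits.popleft()
        hits.append(now)
        return len(hits) > self.rate_limit

    def inspect(self, req: Request, now: Optional[float] = None) -> Decision:
        now = time.time() if now is None else now
        if self._rate_limited(req.client_ip, now):
            return self._record(req, Decision("block", "rate-limit"))
        # Normalize once so URL-encoded payloads are matched in decoded form.
        inputs = [unquote_plus(req.path), unquote_plus(req.query),
                  unquote_plus(req.body)]
        skipped = self.exclusions.get(req.path, set())
        decision = Decision("allow", "no blocking rule matched")
        for rule in self.rules:
            if rule.rule_id in skipped:
                continue
            if any(rule.pattern.search(value) for value in inputs):
                decision.matched.append(rule.rule_id)   # "log" rules only record
                if rule.action == "block" and decision.action == "allow":
                    decision.action = "block"
                    decision.reason = f"{rule.rule_id}: {rule.description}"
        return self._record(req, decision)

    def _record(self, req: Request, decision: Decision) -> Decision:
        self.log.append(f"{req.client_ip} {req.method} {req.path} "
                        f"{decision.action.upper()} {decision.reason}")
        return decision


def demo() -> Dict[str, str]:
    """Run constructed requests through a strict and a tuned instance."""
    strict = Waf(RULES)
    tuned = Waf(RULES, exclusions={"/comments": {"ex-1001"}})
    results = {}
    results["benign"] = strict.inspect(Request("10.0.0.1", "GET", "/search", "q=shoes")).action
    results["sqli"] = strict.inspect(Request("10.0.0.2", "GET", "/search", "q=%27+OR+1%3D1+--+")).action
    results["xss"] = strict.inspect(Request("10.0.0.3", "POST", "/profile",
                                            body="bio=%3Cscript%3Ex%3C%2Fscript%3E")).action
    # A legitimate comment containing "-- " trips ex-1001: a false positive
    # until that rule is excluded for the comments endpoint.
    comment = Request("10.0.0.4", "POST", "/comments", body="text=Great+post+--+thanks")
    results["comment_strict"] = strict.inspect(comment).action
    results["comment_tuned"] = tuned.inspect(comment).action
    # Rate limiting: the sixth request inside the window from one client is blocked.
    last = Decision("allow", "")
    for i in range(6):
        last = strict.inspect(Request("10.0.0.5", "GET", "/login"), now=1000.0 + i)
    results["burst"] = last.action
    return results


if __name__ == "__main__":
    print(demo())
```

The per-path exclusion map is the simplest form of the customization the text describes; production rule sets instead score anomalies and carry per-application exceptions, but the tuning loop is the same: review the log entries for blocked legitimate traffic, then narrow or disable the offending rule where it does not apply.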