Web application firewall (WAF)

All websites hosted by Pressable include a web application firewall (WAF), a layer 7 (application-layer) control that protects against common attacks by hackers. The WAF monitors, identifies, filters, and blocks malicious activity targeting a web service while allowing other HTTP traffic through with no problem. It protects web applications from many application-layer attacks, such as cross-site scripting (XSS), cross-site request forgery, cookie poisoning, file inclusion, and SQL injection, among others.

Application attacks can get through to your valuable data and are the number one cause of data breaches. A good web application firewall placed in front of web applications acts as a shield between the applications and the internet and blocks attacks that aim to compromise your system. In addition, a WAF is a type of reverse proxy: it protects servers from exposure because clients must pass through the WAF before they can reach the server.

A graphic representation of the web application firewall protecting websites.

How does a Web Application Firewall work?

A web application firewall (WAF) protects web apps by monitoring, filtering, and blocking malicious HTTP/S traffic traveling to a web application and by preventing unauthorized data from exiting the app. It does this through a set of policies, which are simply the rules the WAF operates by. These policies help protect against application vulnerabilities by distinguishing malicious traffic from safe traffic and then filtering out the malicious traffic.

Just as a proxy server acts as an intermediary to protect a client’s identity, a WAF operates similarly but in reverse, which is why it is called a reverse proxy. The reverse proxy also acts as an intermediary, but it protects the app’s web server from potentially malicious clients. WAFs come in different forms, such as an appliance, software, or as-a-service. The value of a WAF comes from the ease and speed with which policy modifications are implemented, allowing a faster response to various attack vectors; for example, rate limiting can quickly be implemented during a DDoS attack by modifying WAF policies.
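The following added example, which is not Pressable's code or rule set, models the policy idea described above: requests pass through a reverse-proxy style filter that applies rules held as data, and rate limiting is switched on by changing the policy alone. The rule patterns, the `Waf` class, the `app` stand-in, and the sample requests are all constructed for illustration.

```python
import re
import time
from collections import defaultdict, deque
from urllib.parse import unquote_plus

# Constructed policy (not Pressable's rules): rules are data, so they can
# change without touching the application behind the WAF.
POLICY = {
    "block_patterns": [
        ("sqli", re.compile(r"\bunion\b.+\bselect\b|'\s*or\s+1\s*=\s*1", re.I)),
        ("xss", re.compile(r"<\s*script\b", re.I)),
        ("file_inclusion", re.compile(r"\.\./")),
    ],
    "rate_limit": None,  # (max_requests, window_seconds); None = disabled
}

def app(path, query):
    """Stand-in for the protected web application."""
    return f"app served {path}"

class Waf:
    """Reverse-proxy style filter: every request passes through handle()."""

    def __init__(self, policy, backend):
        self.policy = policy
        self.backend = backend
        self.hits = defaultdict(deque)  # client IP -> recent request times

    def _rate_limited(self, ip, now):
        limit = self.policy["rate_limit"]
        if limit is None:
            return False
        max_requests, window = limit
        recent = self.hits[ip]
        while recent and now - recent[0] >= window:
            recent.popleft()  # drop requests that fell out of the window
        recent.append(now)
        return len(recent) > max_requests

    def handle(self, ip, path, query, now=None):
        now = time.monotonic() if now is None else now
        if self._rate_limited(ip, now):
            return 429, "rate limit exceeded"
        # Decode once so URL-encoded payloads are matched in plain form.
        target = unquote_plus(f"{path}?{query}")
        for name, pattern in self.policy["block_patterns"]:
            if pattern.search(target):
                return 403, f"blocked by rule: {name}"
        return 200, self.backend(path, query)
```

Setting `policy["rate_limit"] = (3, 10)` on a running `Waf` starts returning 429 to any client that sends more than three requests in ten seconds, while the application code stays unchanged.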
