Web Application Firewall (WAF)
A web application firewall (WAF) is a firewall designed specifically to protect software running on web servers and their back-end databases from code injection and DoS attacks.
- a type of reverse proxy
- primarily validates input and output
- uses application-aware processing rules to
  - filter traffic
  - perform application-specific intrusion detection
- can be programmed with signatures of known attacks
  - and uses pattern matching to block requests containing suspect code
- output from a WAF will be written to a log
  - which can reveal potential threats to the web application
- may be deployed as:
  - an appliance protecting the zone that the web server is placed in
  - or as plug-in software for a web server platform
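
The signature matching and logging described above, sketched in Python as an added example that is not part of the original notes. The signatures, the `inspect` function and the sample requests are constructed for illustration and assume form-encoded parameters.

```python
import json
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed signatures for illustration only; production rule sets
# (for example the OWASP Core Rule Set) are far more thorough.
SIGNATURES = [
    ("sqli-tautology", re.compile(r"'\s*or\s+\d+\s*=\s*\d+", re.I)),
    ("sqli-union-select", re.compile(r"\bunion\b.+\bselect\b", re.I)),
    ("xss-script-tag", re.compile(r"<\s*script\b", re.I)),
]


def inspect(method, url, body=""):
    """Return (allowed, log_entries) for one request."""
    parts = urlsplit(url)
    # parse_qsl percent-decodes names and values, so signatures are
    # matched against what the application would actually receive.
    params = parse_qsl(parts.query, keep_blank_values=True)
    params += parse_qsl(body, keep_blank_values=True)
    entries = []
    for name, value in params:
        for rule_id, pattern in SIGNATURES:
            if pattern.search(value):
                entries.append({
                    "action": "block",
                    "rule": rule_id,
                    "method": method,
                    "path": parts.path,
                    "param": name,
                })
    return (not entries, entries)


# Constructed sample requests.
SAMPLES = [
    ("GET", "/products?id=42", ""),
    ("GET", "/products?id=1%27%20OR%201%3D1--", ""),
    ("POST", "/comment", "text=%3Cscript%3Ealert(1)%3C/script%3E"),
]

if __name__ == "__main__":
    for method, url, body in SAMPLES:
        allowed, entries = inspect(method, url, body)
        for entry in entries:
            print(json.dumps(entry))  # one log line per matched signature
        print(method, url, "->", "allow" if allowed else "block")
```

Each log entry records the matching rule, the path and the parameter name, which is the information an analyst needs when reviewing WAF logs for threats to the application.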