IT Knowledgebase
< All Topics
Print

What is WAF?

WAF is an abbreviation for “Web Application Firewall” which is a protection system used to protect against attacks on web applications (Web Applications) or attacks that occur on web server systems. WAF detects and blocks. Attacks that compromise web applications or data on web servers.

WAFs often include detection mechanisms that can detect conditions that threaten web applications, such as SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and other types of web attacks. Others that may occur. WAF filters and detects incoming traffic via HTTP/HTTPS and responds quickly to prevent unwanted access and malicious attacks on web applications. WAF filters, monitors and blocks unwanted traffic. That will come to your website and help prevent undistributed data from being sent out of the website as well. WAF will analyze traffic to find which traffic is malicious and will prevent it from accessing internal information.

What can WAF protect against?

WAF can protect against a wide variety of website attacks. They are together as follows:

– Injection Attack prevents sending foreign code into the website.

– Broken Authentication Prevent unauthorized access

– Sensitive Data Exposure prevents data leakage on servers and the internet.

– XML External Entities (XXE) prevents the use of XML code to attack websites.

– Broken Access Control prevents the use of rights of others other than your own.

-Security Misconfiguration Prevents website attacks through vulnerabilities in your security settings.

– Cross-Site Scripting (XSS) prevents code that is hidden on the client side to attack websites.

Credit : https://www.techknowledge-th.com/post/%E0%B8%A3%E0%B8%B0%E0%B8%9A%E0%B8%9A%E0%B8%9B%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%81%E0%B8%B1%E0%B8%99-waf-web-application-firewall

Messenger