Protect web servers and web applications from malware and threats, by providing a layer of protection between end users and applications.
The web application firewall (WAF) functions as a flexible barrier that filters all application access by inspecting all traffic that passes through it. WAFs are specifically designed to mitigate attacks without blocking legitimate users or slowing down web application performance.
A WAF differs from a traditional network firewall because it detects data in greater detail. For example, it can validate form field input and protect application cookies. A network firewall and a WAF are often used together to provide complementary security levels.
Web-based applications can be vulnerable to many threats. Although many of these threats can be prevented by application developers, they often fall outside of a website owner's control. When a threat goes unnoticed in development, the WAF filters all application access to inspect both the traffic towards the web application and the response.
By securing both the application infrastructure as well as the application user, a WAF complements traditional network firewalls, which are mainly designed to protect ports and protocols.
Web Application Firewall is included with all Micron21 cloud hosting options. It can be deployed as an additional service for cloud server, cloud data centre, and physical server needs.
The WAF module offers granular control of web application data flows. The WAF has various ways of dealing with threat vectors that can be launched at web applications. As two examples:
The WAF can prevent buffer overflow attacks by setting accepted maximum thresholds for aspects of HTTP requests, and blocking requests that exceed the configured limits.
The WAF can strip HTTP response headers to “cloak” server information that can equip a hacker to target an attack on your web servers. For example, the WAF can cloak an HTTP response header to hide the operating system that is running.