Hello dear ones, in this article, we want to get acquainted with the web application firewall and explain the attacks that prevent it.

 
𝙒𝙝𝙖𝙩 𝙞𝙨 𝙒𝘼𝙁? 

Web application firewall stands for Web application firewall used to filter, block or monitor HTTP traffic through the input and output of the web. In fact, it controls the requests between the user and the web server and is the first line of defense. Compared to intrusion detection systems (IDS / IPS), web application firewalls have a strong focus on application traffic and the ability to provide deep data flow analysis. WAF only looks for program attacks and monitors most HTTP / HTTPS protocols.

Another powerful benefit of using WAF is protection against zero-day exploits. New malware not detected by any behavioral analysis is the most dangerous and popular type of threat that traditional security measures are not equipped to reduce or prevent.


What are the WAF rules?

WAF rules are a list of things that a firewall should look for. They are special features in web traffic and specific places to search in the flow of data. Laws are also called "politics". These actions include detecting an attack, which usually protects only the non-transmission of traffic to the server.

 

Three types of lists for web application firewalls:

Black List:

Blacklist works by protecting your web application from known attacks or certain signatures. This prevents attacks that exploit known vulnerabilities. The disadvantage of this model is that it cannot detect zero-day vulnerabilities by detecting them.

White List:

The whitelist uses diagnostic signatures as well as logical decision making and allows traffic that meets certain criteria. This means that requests may pass through certain urls and block the rest.

Hybrid List:

As the name implies, it uses a combination of two blacklisted features.

 

Attacks designed to prevent WAF:

- DDOS attack

- SQL injection attack

- XSS attack

- Zero Day attack

- Business logic attack

- Mitm attack

- Malware

- Defacements

 

Well, this short article is over, and we wanted to get an overview of web application firewalls and explain how they work.

 
The types firewall Web applications:

Network-based:

A network-based WAF is usually hardware-based. Because they are installed locally, they have the least latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.

Host-based:

Host-based WAF may be fully integrated into a program. This solution is cheaper than network-based WAF and offers more customization capabilities. In a host-based WAF, local server resources are consumed, complex to implement, and costly to maintain, and these components typically take time to engineer and can be costly.

Cloud-based:

Cloud-based WAFs offer an affordable option that is very easy to implement. They usually provide a manual key from the DNS protocol to redirect traffic. Cloud-based WAFs also have a minimum initial cost because users pay monthly or annually for security as a service. Cloud-based WAFs can also provide a solution that is constantly updated to protect the user from the latest threats at no extra cost or expense.

What are the WAF rules?

WAF rules are a list of things that a firewall should look for. They are special features in web traffic and specific places to search in the flow of data. Laws are also called "politics". These actions include detecting an attack, which usually protects only the non-transmission of traffic to the server.

 

Three types of lists for web application firewalls:

Black List:

Blacklist works by protecting your web application from known attacks or certain signatures. This prevents attacks that exploit known vulnerabilities. The disadvantage of this model is that it cannot detect zero-day vulnerabilities by detecting them.

White List:

The whitelist uses diagnostic signatures as well as logical decision making and allows traffic that meets certain criteria. This means that requests may pass through certain urls and block the rest.

Hybrid List:

As the name implies, it uses a combination of two blacklisted features.


Attacks designed to prevent WAF:

- DDOS attack

- SQL injection attack

- XSS attack

- Zero Day attack

- Business logic attack

- Mitm attack

- Malware

- Defacements


Well, this short article is over, and we wanted to get an overview of web application firewalls and explain how they work.

For 𝙼𝚘𝚛𝚎 𝚄𝚙𝚌𝚘𝚖𝚒𝚗𝚐 𝙱𝚕𝚊𝚌𝚔 𝙷𝚊𝚝 𝙺𝚗𝚘𝚠𝚕𝚎𝚍𝚐𝚎 𝚙𝚕𝚎𝚊𝚜𝚎 𝚜𝚑𝚊𝚛𝚎 𝚊𝚗𝚍 𝚜𝚞𝚙𝚙𝚘𝚛𝚝 𝚞𝚜 
𝚁𝚎𝚐𝚊𝚛𝚍𝚜 
𝙰𝚗𝚘𝚗𝚙𝚎𝚛𝚜𝚘𝚗