What is a Web Application Firewall?
"An intermediary device, sitting between a web-client and a web server, analyzing OSI Layer-7 messages for violations in the programmed security policy. A web application firewall is used as a security device protecting the web server from attack."
Standard firewalls are designed to restrict access to certain ports or services that an administrator
doesn't want unauthorized people to access.
Web Application Firewalls are often called 'Deep Packet Inspection Firewalls' because they look at
every request and response within the HTTP/HTTPS/SOAP/XML-RPC/Web Service layers. Some Web Application
Firewalls look for certain 'attack signatures' to identify a specific attack that an intruder may be
sending, while others look for abnormal behavior that doesn't fit the website's normal traffic patterns.
Web Application Firewalls can be either software or hardware-appliance based, and are installed in front
of a web server in an effort to shield it from incoming attacks.
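The two detection approaches described above, side by side, as an added example (not code from this site or from any WAF product). The signatures, paths, parameter names and sample traffic are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

SIGNATURES = {  # constructed for illustration; real rule sets are far larger
    "path-traversal": re.compile(r"\.\./"),
    "script-tag": re.compile(r"<\s*script", re.I),
    "sql-union": re.compile(r"\bunion\b.+\bselect\b", re.I),
}

def normalize(url):
    """Decode percent-encoding until stable so encoded payloads still match."""
    while (decoded := unquote(url)) != url:
        url = decoded
    return url

def signature_hits(url):
    """Signature model: names of the known-bad patterns found in the request."""
    text = normalize(url)
    return sorted(name for name, rx in SIGNATURES.items() if rx.search(text))

def learn_profile(normal_urls):
    """Behaviour model: per path, each parameter's longest value and whether numeric."""
    profile = {}
    for url in normal_urls:
        parts = urlsplit(url)
        params = profile.setdefault(parts.path, {})
        for key, value in parse_qsl(parts.query, keep_blank_values=True):
            seen = params.setdefault(key, {"max_len": 0, "numeric": True})
            seen["max_len"] = max(seen["max_len"], len(value))
            seen["numeric"] = seen["numeric"] and value.isdigit()
    return profile

def anomalies(url, profile, slack=2):
    """Deviations from the learned profile; an empty list means the request fits."""
    parts = urlsplit(url)
    if parts.path not in profile:
        return ["unknown path " + parts.path]
    found = []
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        seen = profile[parts.path].get(key)
        if seen is None:
            found.append("unknown parameter " + key)
        elif seen["numeric"] and not value.isdigit():
            found.append("non-numeric value for " + key)
        elif len(value) > seen["max_len"] * slack:
            found.append("oversized value for " + key)
    return found

PROFILE = learn_profile(["/item.cgi?id=12", "/item.cgi?id=907", "/search.cgi?q=blue+widgets"])  # constructed traffic
```

For the request /item.cgi?id=12abc, signature_hits() finds nothing while anomalies() reports the non-numeric id, which is the gap between the two approaches.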
Information on the types of 'signatures' that a web application firewall may use can be found in the "Fingerprinting
Port 80 Attacks" papers in our
An open source Web Application Firewall for the Apache web server named Mod_Security can be found at