Web Application Firewall

Why Trust Techopedia

What Does Web Application Firewall Mean?

A web application firewall (WAF) protects web application servers and infrastructure from attacks and breaches originating from the Internet and external networks.

Advertisements

It is a purpose-built firewall that can be customized to accept and reject HTTP requests and sessions using predefined rules.

Techopedia Explains Web Application Firewall

A web application firewall is usually deployed between the web servers and the Internet. It is typically a standalone device having a pre-installed vendor-provided firewall application. It filters each incoming and outgoing message. Once configured with known malicious HTTP-based attacks, the web application firewall scans and stops such messages and requests. For example, it can protect an application/server from Internet-based threats such as:

  • SQL injection attacks
  • XML injection
  • DDoS

A web application firewall can be a standalone hardware device or a cloud/software-based solution.

Business antivirus software may include a WAF for additional network security.

Advertisements

Related Terms

Margaret Rouse
Technology expert
Margaret Rouse
Technology expert

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.