Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
A web application firewall (WAF) protects web application servers and infrastructure from attacks and breaches originating from the Internet and external networks.
It is a purpose-built firewall that can be customized to accept and reject HTTP requests and sessions using predefined rules.
A web application firewall is usually deployed between the web servers and the Internet. It is typically a standalone device having a pre-installed vendor-provided firewall application. It filters each incoming and outgoing message. Once configured with known malicious HTTP-based attacks, the web application firewall scans and stops such messages and requests. For example, it can protect an application/server from Internet-based threats such as:
A web application firewall can be a standalone hardware device, and also a cloud/software based solution.