What Does Web Application Firewall Mean?
A web application firewall (WAF) protects web application servers and infrastructure from attacks and breaches originating from the Internet and external networks.
It is a purpose-built firewall that can be customized to accept and reject HTTP requests and sessions using predefined rules.
Techopedia Explains Web Application Firewall
A web application firewall is usually deployed between the web servers and the Internet. It is typically a standalone device having a pre-installed vendor-provided firewall application. It filters each incoming and outgoing message. Once configured with known malicious HTTP-based attacks, the web application firewall scans and stops such messages and requests. For example, it can protect an application/server from Internet-based threats such as:
- SQL injection attacks
- XML injection
A web application firewall can be a standalone hardware device, and also a cloud/software based solution.