{"id":1345,"date":"2023-11-17T02:32:20","date_gmt":"2023-11-17T02:32:20","guid":{"rendered":"https:\/\/matob.web.id\/random\/?p=1345"},"modified":"2023-11-17T02:32:20","modified_gmt":"2023-11-17T02:32:20","slug":"web-application-firewall","status":"publish","type":"post","link":"https:\/\/matob.web.id\/random\/web-application-firewall\/","title":{"rendered":"What Is Web Application Firewall (WAF)?"},"content":{"rendered":"<p><a href=\"https:\/\/matob.web.id\/random\/1001\/web-application-firewall\">Web Application Firewall (WAF)<\/a> is a firewall that monitors, filters, and blocks data coming from the client to a website or web application. A Web Application Firewall can be network-based, host-based or cloud-based, and is sometimes used via a reverse proxy in front of a website or application.<\/p>\n<p>As a network tool, server plugin or cloud service, a WAF examines all data to analyze Layer 7 web application logic and filter out malicious traffic that can damage websites.\u00a0A WAF is a security control that companies commonly use to protect websites from exploits, malware, and other threats.<\/p>\n<p>Through these safeguards, a Web Application Firewall (WAF)\u00a0can detect threats and quickly secure websites against even the most dangerous ones, which traditional firewalls such as IDSes and IPSes cannot.<\/p>\n<p>A WAF is especially useful for companies that provide their products or services on the internet, such as e-commerce, online banking, and others.<\/p>\n<h2><strong>Web Application Firewall vs <\/strong><strong>Firewall<\/strong><\/h2>\n<p><img fetchpriority=\"high\" decoding=\"async\" class=\"size-full wp-image-1349 aligncenter\" src=\"https:\/\/matob.web.id\/random\/wp-content\/uploads\/sites\/2\/2021\/11\/web-application-firewall-2.jpg\" alt=\"web application firewall 2\" width=\"1499\" height=\"710\" title=\"\" srcset=\"https:\/\/matob.web.id\/random\/wp-content\/uploads\/sites\/2\/2021\/11\/web-application-firewall-2.jpg 1499w, 
https:\/\/matob.web.id\/random\/wp-content\/uploads\/sites\/2\/2021\/11\/web-application-firewall-2-768x364.jpg 768w\" sizes=\"(max-width: 1499px) 100vw, 1499px\" \/><\/p>\n<p>Firewall is a broad term for firmware that protects a computer network by filtering incoming data.\u00a0Within this broad term, there are several categories, differentiated by the protection they provide.<\/p>\n<p>A Web Application Firewall (WAF) is one such category of firewall, distinguished by how specifically it filters data.<\/p>\n<p>A WAF is unique because it focuses only on web-based attacks at the application layer, which other types of firewalls cannot counter. A Web Application Firewall (WAF) is similar to a proxy firewall, but with a specific focus on Layer 7 application logic.<\/p>\n<h2><strong>How Does a Web Application Firewall (WAF) Work?<\/strong><\/h2>\n<p>A Web Application Firewall (WAF) analyzes Hypertext Transfer Protocol (HTTP) requests and applies a set of rules that define which parts of a request are legitimate and which are suspicious.<\/p>\n<p>The main parts of HTTP that a WAF analyzes are GET and POST requests. 
GET requests are used to retrieve data from the server, while POST requests are used to send data to the server.<\/p>\n<p>A WAF uses three approaches to analyze and filter HTTP content.\u00a0They are described below:<\/p>\n<p><strong>Whitelisting<\/strong>:<\/p>\n<p>Whitelisting means the WAF rejects all requests by default and allows only requests that are already trusted.\u00a0Usually this relies on a list of IP addresses that are known to be safe.<\/p>\n<p>Whitelisting is easier to apply than blacklisting.\u00a0Its drawback is the possibility of accidentally blocking legitimate traffic.\u00a0So although it can be very efficient, whitelisting is sometimes less accurate.<\/p>\n<p><strong>Blacklisting<\/strong>:<\/p>\n<p>Blacklisting lets requests through by default and uses preset rules to block malicious traffic to websites or web applications.\u00a0Simply put, blacklisting relies on rules that identify signs of danger.<\/p>\n<p>Blacklisting is more appropriate for public websites, because they receive a lot of traffic from unfamiliar IP addresses and it is not known in advance whether that traffic is malicious or benign.<\/p>\n<p>The disadvantages of blacklisting are that it takes more effort to use and that it requires more information, since data is filtered based on specific information.<\/p>\n<p><strong>Hybrid security<\/strong>:<\/p>\n<p>This model uses both whitelisting and blacklisting elements.<\/p>\n<p>Whichever model you use for a WAF, the real work is analyzing HTTP interactions and blocking malicious traffic before it reaches your server.<\/p>\n<h2><strong>Types of Web Application Firewall (WAF)<\/strong><\/h2>\n<p><strong>Network-based\u00a0<\/strong><strong>WAFs <\/strong>are\u00a0usually hardware-based and can reduce latency because they are installed locally, close to the applications.\u00a0Most network-based WAF vendors allow rules and settings to be replicated across their equipment, which lets users deploy and configure at scale.<\/p>\n<p>The 
disadvantage of this type of WAF is cost: there is an upfront payment, followed by ongoing costs for operation and maintenance.<\/p>\n<p><strong>Host-based\u00a0<\/strong><strong>WAF<\/strong>\u00a0can be fully integrated into the application code itself.\u00a0The advantages of implementing a host-based WAF are low cost and ease of customization.<\/p>\n<p>However, this type can be difficult because it requires an application library and relies on a local server to work effectively.<\/p>\n<p>It therefore needs more staff, including developers, systems analysts, and possibly DevOps \/ DevSecOps as well.<\/p>\n<p><strong>Cloud-based\u00a0<\/strong><strong>WAF<\/strong> offers a cheaper solution for companies that want to spend minimal resources on Web Application Firewall (WAF) management. A cloud WAF is easier to deploy and is available on a usage or subscription basis.<\/p>\n<p>Sometimes all it takes is a simple Domain Name System (DNS) or proxy change to redirect application traffic. While it may worry you to have to entrust your company&#8217;s traffic to third parties, namely WAF vendors, this method allows your application to be protected across a wide spectrum of hosting locations.<\/p>\n<p>In addition, WAF vendors must already have the latest security updates and be able to <a href=\"https:\/\/www.threatx.com\/products\/cloud-waf\/\" target=\"_blank\" rel=\"noopener\">identify the latest threats<\/a> as well.<\/p>\n<h2><strong>Web Application Firewall (WAF) Benefits<\/strong><\/h2>\n<p>A Web Application Firewall (WAF) has many advantages over traditional firewalls, as it offers better visibility of sensitive data at the HTTP layer. 
A WAF can prevent attacks at the application layer that would normally bypass traditional firewalls, such as the following:<\/p>\n<ul>\n<li>A\u00a0<strong>cross-site scripting\u00a0<\/strong><strong>(XSS)<\/strong>\u00a0attack allows attackers to inject and execute malicious scripts in another user&#8217;s browser.<\/li>\n<li>A\u00a0<strong>structured query language\u00a0<\/strong><strong>(SQL)<\/strong>\u00a0attack could compromise any application that uses a SQL database and could allow attackers to access and potentially modify sensitive data.<\/li>\n<li><strong>Web session hacking<\/strong>\u00a0can allow attackers to hijack a session ID and impersonate an authorized user.\u00a0The session ID is usually stored in a cookie or Uniform Resource Locator (URL).<\/li>\n<li>A\u00a0<strong>distributed denial-of-service\u00a0<\/strong><strong>(DDoS) attack<\/strong>\u00a0can flood a network with so much traffic that it cannot serve users.\u00a0Both network firewalls and WAFs can counter this kind of attack, but they do so differently.<\/li>\n<\/ul>\n<p>In addition to the above benefits, a <a href=\"https:\/\/matob.web.id\/random\/1001\/web-application-firewall\">Web Application Firewall<\/a> (WAF) can also protect web-based applications without having to access the source code.<\/p>\n<p>Although a host-based WAF is integrated with the application code, a cloud-hosted Web Application Firewall (WAF) can protect applications without needing that access.<\/p>\n<p>In addition, a cloud Web Application Firewall (WAF) is easy to deploy and set up, so users can quickly customize settings to adapt to new attacks.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Web Application Firewall (WAF) is a firewall that monitors, filters, and blocks data coming from the client to a website or web application. A Web Application Firewall can be network-based, host-based or cloud-based, and is sometimes used via a reverse proxy in front of a website or application. 
As a network tool, server plugin or [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1348,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[172,194,76],"class_list":["post-1345","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-2","tag-cloudflare","tag-cyber-security","tag-security"],"_links":{"self":[{"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/posts\/1345","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/comments?post=1345"}],"version-history":[{"count":2,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/posts\/1345\/revisions"}],"predecessor-version":[{"id":2891,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/posts\/1345\/revisions\/2891"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/media\/1348"}],"wp:attachment":[{"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/media?parent=1345"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/categories?post=1345"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/matob.web.id\/random\/wp-json\/wp\/v2\/tags?post=1345"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}