Broadly, these policies fall into two categories: a block model where traffic resembling known attacks are denied passage through the WAF, and an allow model where traffic that is pre-approved will be granted passage. WAFs operate through policies that establish what malicious traffic and safe traffic look like. To prevent such attacks, a WAF monitors and examines every single data packet going in and out of a web server to ensure that the data packets are safe. Some of the attacks that malicious clients can launch on web applications include cross-site scripting (XSS), cross-site forgery, SQL injection, file inclusion, and cookie poisoning. For a WAF, its protection is in the reverse direction: it positions itself in the middle of data flows between the server and client machines to protect the server from potentially malicious traffic originating from clients.
Proxies typically protect client machines’ identities from web servers by positioning itself in the middle of the data flows between client and server machines. How a WAF worksĬonceptually, a WAF works like a reverse proxy.
In the Open Systems Interconnection (OSI) seven-layer model, a WAF operates at the application level, which is the seventh and highest level. A WAF serves two major functions: preventing malicious traffic from reaching web applications hosted on a server and preventing unauthorized data from leaving the web server. A Web Application Firewall, as the term firewall implies, is a middleman that sits between web applications on a web server and the Internet.
0 kommentar(er)
