From prodefence.org
A web application firewall (or WAF) filters, monitors, and blocks HTTP traffic to and from a web application. A WAF is differentiated from a regular firewall in that a WAF is able to filter the content of specific web applications while regular firewalls serve as a safety gate between servers. By inspecting HTTP traffic, it can prevent attacks stemming from web application security flaws, such as SQL injection, cross-site scripting (XSS), file inclusion, and security misconfigurations. (Wikipedia)
How does a WAF work?
- Protocol anomaly detection: denies requests that do not conform to the HTTP standard
- Enhanced input validation: validation at the proxy and on the server side, not just client-side validation
- Whitelist and blacklist
- Rule-based and anomaly-based (exception-based) protection: rule-based mechanisms are mostly blacklist-driven, while anomaly-based mechanisms are more flexible
- State management: focuses on session protection

There are also: cookie protection, anti-evasion (anti-intrusion-avoidance) technology, response monitoring, and information disclosure protection.
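As an added illustration (not code from the original page or from any real WAF product), the Python below is a toy request inspector that applies the mechanisms listed above to constructed sample requests: a protocol compliance check, blacklist signatures, a positive (whitelist) model for a profiled path, and percent-decoding normalization as a simple anti-evasion step. The rule set, the `/login` profile and the parameter names are assumptions made for the demo.

```python
import re
from urllib.parse import unquote, urlsplit

ALLOWED_METHODS = {"GET", "POST", "HEAD"}

# Negative model: a deliberately small, constructed blacklist of (rule id, pattern)
BLACKLIST_RULES = [
    ("sqli-union", re.compile(r"\bunion\b\s+(all\s+)?select\b", re.I)),
    ("xss-script-tag", re.compile(r"<\s*script\b", re.I)),
    ("path-traversal", re.compile(r"(^|[\\/])\.\.([\\/]|$)")),
]

# Positive model (assumed profile): for /login, only these parameters with these value shapes
WHITELIST = {
    "/login": {"user": re.compile(r"[a-z0-9_]{1,32}"), "pw": re.compile(r".{1,128}", re.S)},
}

def normalize(value):
    # Anti-evasion: percent-decode until stable so double-encoded input is inspected in plain form
    prev = None
    while value != prev:
        prev, value = value, unquote(value)
    return value.replace("\x00", "")

def inspect(method, target, headers):
    """Decide on one request line plus headers. Returns (verdict, reason)."""
    # 1. Protocol compliance: unknown method or missing Host header is rejected outright
    if method not in ALLOWED_METHODS:
        return "block", "protocol: method not allowed"
    if "host" not in {k.lower() for k in headers}:
        return "block", "protocol: missing Host header"
    parts = urlsplit(target)
    path = normalize(parts.path)
    params = {}
    for pair in (parts.query.split("&") if parts.query else []):
        key, _, val = pair.partition("=")
        params[normalize(key)] = normalize(val)
    # 2. Blacklist signatures over the path and every parameter value
    for rule_id, pattern in BLACKLIST_RULES:
        for field in [path, *params.values()]:
            if pattern.search(field):
                return "block", f"rule:{rule_id}"
    # 3. Server-side (proxy) validation against the positive model for profiled paths
    allowed = WHITELIST.get(path)
    if allowed is not None:
        for key, val in params.items():
            if key not in allowed:
                return "block", f"whitelist: unexpected parameter {key}"
            if not allowed[key].fullmatch(val):
                return "block", f"whitelist: invalid value for {key}"
    return "allow", "ok"
```

A production WAF would also inspect request bodies and headers, track session state, and monitor responses; this block only shows the request-side decision order.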