Richard-Bevan

An Introduction to Web Application Firewalls (WAF)

Is a Website Application Firewall important? Considering that this solution can help stop cyber attacks, preventing costly data breaches and downtime from occurring, it is one of the most essential add-ons a website owner should get for his or her website. We invite you to check the video below in order to discover a few more essential aspects relating to this application.

Good morning, Richard, I’d like to ask you about Website Application Firewalls. What is a Web Application Firewall (WAF)?

A Web Application Firewall is a service that sits in front of your website. Essentially, before traffic gets to your website, it passes through this filtering service. WAF therefore affords you a level of protection before harmful content can reach your website.

Why should a WordPress website owner use a Website Application Firewall?

Well, everybody who has owned a WordPress website should be quite aware of how vulnerable WordPress can be because of its popularity and the various complications that come as a result of badly configured servers or plug-ins. Hackers and data thieves are always looking to exploit these loopholes.

Website Application Firewall at its most basic offloads your security onto a platform where requests can be cached and other security issues such as denial of service – where you’re bombarded with tens of thousands of hits from outside the country – solved.
When these (denial of service) attacks are coming in through the WAF filter, it becomes much easier to identify and deal with them. This by extension protects your site from the inevitable attacks and hacks.

Are there any downsides to using WAF?

Yes, absolutely. Firstly, you will be paying for these services and depending on your provider and quality of services offered, you’ll need a decent budget.
Secondly, you’ll need to be fully aware of what you’re hosting and must keep close attention to your shopping baskets. These web applications provide caching services which will allow you to identify sites that may be scouring the internet for live data or session data. When you can identify such sites it becomes much easier to stop them from accessing your shopping baskets.

How easy is it to install WAF?

The installation of Website Application Firewall should be a fairly straightforward process. The biggest challenge lies in finding the right WAF service provider. The actual installation is pretty simple as it merely involves a DNS change and locking down your servers should you choose to do so.

Does DNS pose any serious problems that users of WAF should be wary of?
Not really. The only important thing to note is that should you ever need to extract WAF from your architecture, using a low TTL will serve you well.

So, should WAF be taken a little more seriously than it is today?

Yes absolutely. Running a website with less than enough security in today’s world is like asking for trouble. WAF allows you to double check authentication on your URLs which is a great way to beef website security.

Thank you, Richard. See you on the next cast.
Thank you, Paul.