A website firewall is a type of firewall that governs traffic to, from, or by a website.
Website firewalls (or application layer firewalls) use a series of configured policies to determine whether to block or allow communications to or from a website.
Traditional firewalls control data flow to and from the CPU, examining each packet as it passes through. A website firewall takes it further by controlling the execution of files or code by specific applications. This way, even if an intruder gains entry to a network or server, they can’t execute malicious code.
Website firewalls can be active or passive.
Active – Active website firewalls actively inspect all incoming requests—including the actual message being exchanged—against known vulnerabilities such as SQL injections, parameter and cookie tampering, and cross-site scripting. Only requests deemed “clean” are passed to the website.
Passive – Passive website firewalls act in a similar way to an intrusion detection system (IDS) in that they also inspect all incoming requests against known vulnerabilities, but they don’t actively reject or deny those requests if a potential attack is discovered.
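The difference between the two modes, as an added example that is not code from this article or from any firewall product. The rule names, the two regular expressions, the request dictionaries and the HMAC-signed cookie scheme are assumptions made for illustration, and the sample requests are constructed.

```python
import hashlib
import hmac
import re
from urllib.parse import unquote_plus

# Hypothetical, deliberately small rule set; production rule sets are far larger.
RULES = {
    "sql_injection": re.compile(r"('|\")\s*(or|and)\s+[\w'\"]+\s*=|union\s+select", re.I),
    "cross_site_scripting": re.compile(r"<\s*script\b|javascript:|\bon\w+\s*=", re.I),
}
COOKIE_KEY = b"constructed-demo-key"  # assumption: the site signs cookies with HMAC-SHA256


def sign_cookie(value: str) -> str:
    """Return 'value.mac' so that later changes to the value can be detected."""
    mac = hmac.new(COOKIE_KEY, value.encode(), hashlib.sha256).hexdigest()
    return f"{value}.{mac}"


def inspect(request: dict) -> list:
    """Return the names of the rules the request matches (empty list means clean)."""
    findings = []
    for raw in request.get("params", {}).values():
        text = unquote_plus(raw)  # decode first so %27 and + are seen as ' and space
        findings += [n for n, rx in RULES.items() if rx.search(text) and n not in findings]
    cookie = request.get("cookie")
    if cookie is not None:
        expected = sign_cookie(cookie.rpartition(".")[0])
        if not hmac.compare_digest(expected.encode(), cookie.encode()):
            findings.append("cookie_tampering")
    return findings


def firewall(request: dict, mode: str, alerts: list) -> bool:
    """Return True if the request is forwarded to the website."""
    findings = inspect(request)
    if findings:
        alerts.append((request["path"], findings))  # both modes record the detection
    return not findings if mode == "active" else True  # only active mode rejects


# Constructed sample requests: one clean, one SQL injection, one altered cookie.
SAMPLES = [
    {"path": "/search", "params": {"q": "blue+widgets"}, "cookie": sign_cookie("role=user")},
    {"path": "/login", "params": {"user": "admin%27+OR+%271%27%3D%271"}},
    {"path": "/account", "cookie": sign_cookie("role=user").replace("role=user", "role=admin")},
]

if __name__ == "__main__":
    for mode in ("active", "passive"):
        alerts = []
        print(mode, [firewall(r, mode, alerts) for r in SAMPLES], alerts)
```

Both modes produce the same alerts; only the active mode withholds the two flagged requests from the website.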
Website firewalls are updated remotely and automatically, which allows them to protect against newly discovered vulnerabilities almost in real time. They’re often more up to date than specific security-focused code included in applications, due to the longer development and testing cycles required to include such code within applications.
Practically any website can be protected by a website firewall without altering its code, and this can be done in a few hours.