
Web Application Firewall (WAF)

A Web Application Firewall (WAF) protects web applications from online threats such as SQL injection, cross-site scripting, and other malicious activity.

What is a WAF

A WAF acts as a protective barrier between a web application and its users. It filters and monitors incoming traffic to detect patterns or anomalies that may indicate an attack.

How WAF Works

The WAF analyzes traffic exchanged between users and the web application. When traffic appears malicious, the WAF can block, redirect, or otherwise neutralize it while allowing legitimate traffic to pass.

Creating a WAF Policy

Create a WAF policy when you need to define how the WAF should inspect and respond to application traffic.

WAF policies support two major modes:

| Mode | Purpose |
| --- | --- |
| Enforcement Mode | Provides active protection by blocking or mitigating malicious traffic. |
| Learning Mode | Lets the WAF adapt to the behavior of the web application and users. |

Configuring WAF Rules

Enforcement Mode

| Option | Description |
| --- | --- |
| Blocking | Prevents potentially malicious requests from reaching the web application. |
| Transparent | Allows the WAF to operate without modifying the communication flow between users and the web application. |
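
The difference between the two enforcement options, as an added Python example that is not taken from this product's documentation or code: the same detection runs under both options, and only the action differs. The rule patterns, function names and sample requests are constructed for illustration, and the example assumes Transparent means a matching request is logged and forwarded unchanged.

```python
import re
from urllib.parse import unquote_plus

# Illustrative signatures only; a production WAF uses a far larger, tuned rule set.
RULES = {
    "sqli": re.compile(r"(?i)\bunion\b.+\bselect\b|\bor\b\s+\d+\s*=\s*\d+"),
    "xss": re.compile(r"(?i)<\s*script\b|\bon\w+\s*="),
}


def inspect(query_string):
    """Return the names of every rule that matches the decoded query string."""
    # Decode first so percent-encoded and '+'-encoded input is matched as the app sees it.
    decoded = unquote_plus(query_string)
    return sorted(name for name, rx in RULES.items() if rx.search(decoded))


def handle(request, option):
    """Apply one enforcement option to a request dict with 'path' and 'query'.

    Assumption: 'blocking' rejects a matching request with 403, while
    'transparent' forwards it unchanged and only records the match.
    """
    if option not in ("blocking", "transparent"):
        raise ValueError(f"unknown enforcement option: {option}")
    matched = inspect(request["query"])
    forwarded = not (matched and option == "blocking")
    return {
        "forwarded": forwarded,
        "status": None if forwarded else 403,  # None: the backend decides the status
        "logged_rules": matched,
    }


# Constructed sample requests (not captured traffic).
SAMPLES = [
    {"path": "/search", "query": "q=blue+shoes"},
    {"path": "/item", "query": "id=1%20OR%201%3D1"},
    {"path": "/comment", "query": "text=%3Cscript%3Ealert(1)%3C%2Fscript%3E"},
]

if __name__ == "__main__":
    for option in ("blocking", "transparent"):
        for req in SAMPLES:
            print(option, req["path"], handle(req, option))
```
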

Learning Mode

| Learning Mode | Description |
| --- | --- |
| Manual Learning Mode | Administrators review and adjust security rules directly. This requires security expertise and time for analysis and rule refinement. |
| Automatic Learning Mode | Uses automation and machine learning to adjust rules based on traffic behavior. |

Tip

Choose manual or automatic learning based on available security expertise, desired rule control, and how quickly the WAF needs to adapt to traffic changes.

Associating a WAF with a Load Balancer

After creating the policy, assign it to the desired load balancer.
