What is a WAF or Web Application Firewall?

Add extra security with a web application firewall (WAF) and defend yourself from attackers.

What Is a WAF?

Even when you understand security, it is difficult to create secure applications, especially when working under the pressure so common in today’s enterprises. A WAF protects applications against sophisticated Layer 7 attacks that might otherwise lead to loss of sensitive data, systems being hijacked by attackers, and downtime. The NGINX WAF is based on the widely used ModSecurity open source software.

Videos on WAF

Secure your Apps with NGINX and the ModSecurity WAF

How to Deploy a WAF

The four‑step security lifecycle is critical for a persistent cycle of protection: secure, monitor, test, and improve. Before any device is connected to your network, make sure that you have documented the network infrastructure and hardened the device or the box it runs on. Always take time to apply patches and configure the device for increased security. You also want to carefully test it prior to deployment to expose any system integration issues the WAF might cause. From there, it is easy to deploy.

Is a WAF a Reverse Proxy?

A reverse proxy server is a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server. While proxies generally protect clients, WAFs protect servers, and are deployed to protect a specific web application. Therefore, a WAF can be considered a reverse proxy. WAFs may come in the form of an appliance, server plug‑in, or filter, and may be customized to an application.