What is a Web Application Firewall (WAF)?

If you do not want your website to become a victim of cyberattacks, it’s time you learned about Web Application Firewall – WAF.

To understand what a web application firewall is in no time, imagine your website is a house on a crowded street with a lot of visitors. This house contains valuable information about your business and your customers’ data, while also serving as a front for you to reach out to customers.

As the owner, you probably do not want a thief to break into your house and steal your valuables or damage your home. And because your house is where you constantly run promotional campaigns for your business, sell products and communicate with your customers, any damage to it risks interrupting all your activities and costing you a lot of money.

Similarly, you don’t want hackers to do the same to your website. So, what can you do?

The answer is to use a WAF (Web Application Firewall).

What is a WAF (Web Application Firewall)?

Similar to how you don’t want someone invading your house through the bedroom window that you forgot to lock, you really don’t want hackers to discover and exploit the vulnerabilities on your website.

(If you don’t know what website vulnerabilities are, have a look at this infographic – it takes fewer than 2 minutes).

A web application firewall is the protective layer between the user and your website, through which every user’s access request passes. Here, the WAF will block all malicious requests before they reach your website. Using a WAF is similar to having visitors go through a control gate before they can access the front door – anything suspicious will be stopped at the gate.

Why should you use a web application firewall?

A website is never entirely free of vulnerabilities left behind by programmers, system configurations or the platforms and libraries being used. Because website developers often lack a specialized team for security testing, vulnerabilities are difficult to avoid.

Meanwhile, new attack techniques are discovered every day. A website can be safe at the moment, but it’s impossible to make sure no new vulnerabilities will be discovered in the future. Relying on local firewalls or security solutions offered by hosting service providers is often not sufficient to prevent hackers from invading your website. A WAF is therefore an effective solution to the problem.

How does a web application firewall operate?

Web application firewalls can operate under several different models, of which the most common one is Reverse-proxy. To explain the mechanism behind Reverse-proxy, let’s go back to the house we were talking about in the last part.

As you can see, in order to enter the house, visitors have to go past the control gate. Likewise, the WAF acts as a proxy standing between the user and the website. Instead of users sending requests directly to the web server, the WAF receives these requests, forwards them to the web server, receives the web server’s responses, then forwards them back to the user.

In this process, the WAF analyzes each request and assesses whether it should be considered malicious and needs to be blocked. The analysis uses different identification patterns for each type of attack on different vulnerabilities.

The quality of a WAF depends mainly on its set of rules and the capacity of its proxy servers, which determine the number of instances that the WAF can identify and its ability to prevent malicious behavior on a large scale. When new attack techniques or new vulnerabilities are discovered, the corresponding rules are quickly updated in the WAF.
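The inspect-then-forward flow described above, as an added example (not CyStack's code). The three rules, the rule ids, the `origin_stub` server and the sample requests are all constructed for illustration; the repeated decoding step shows why a rule must be matched against the normalized request rather than the raw bytes.

```python
import re
from urllib.parse import unquote_plus, urlsplit

# Constructed, deliberately small rule set (real WAF rule sets are far larger).
RULES = [
    ("sqli-001", re.compile(r"\bunion\b.+\bselect\b|'\s*or\s+'?\d+'?\s*=\s*'?\d+", re.I)),
    ("xss-001", re.compile(r"<\s*script\b", re.I)),
    ("traversal-001", re.compile(r"\.\.[/\\]")),
]

def normalize(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is matched in clear form."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def inspect(target, headers, body=""):
    """Return the id of the first rule that matches any request field, or None."""
    parts = urlsplit(target)
    for field in [parts.path, parts.query, body, *headers.values()]:
        text = normalize(field)
        for rule_id, pattern in RULES:
            if pattern.search(text):
                return rule_id
    return None

def handle(request, origin):
    """Reverse-proxy step: block with 403, or relay the origin's response."""
    rule_id = inspect(request["target"], request["headers"], request.get("body", ""))
    if rule_id is not None:
        return 403, f"blocked by rule {rule_id}"
    return origin(request)

def origin_stub(request):
    """Stand-in for the protected web server (hypothetical)."""
    return 200, "origin response for " + urlsplit(request["target"]).path

# Constructed sample requests: one benign, three that a rule should stop.
SAMPLES = [
    {"target": "/search?q=union+station+hours", "headers": {"User-Agent": "Mozilla/5.0"}},
    {"target": "/products?id=1%27%20OR%20%271%27%3D%271", "headers": {}},
    {"target": "/download?file=%252e%252e%252fetc%252fpasswd", "headers": {}},
    {"target": "/comment", "headers": {}, "body": "text=%3Cscript%3Ealert(1)%3C/script%3E"},
]

if __name__ == "__main__":
    for req in SAMPLES:
        print(req["target"], "->", handle(req, origin_stub))
```

The first sample contains the word "union" yet is forwarded, which is the false-positive case a rule set has to get right; the third is only caught because it is decoded twice before matching.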

So where to find a WAF to set up for your “house” – your website?

Let’s start with CyStack Protecting – a part of the CyStack Platform.

CyStack Protecting

Protecting is one of the four applications in the CyStack Platform, a Web-based reverse-proxy application firewall for your website. As mentioned above, CyStack Protecting focuses on developing the two most important factors that determine the quality of a WAF: rule sets and proxy servers. Based on the SaaS model, CyStack’s research team is constantly updating new vulnerabilities and attack techniques to ensure that your website is well protected.

On the other hand, CyStack Protecting also offers proxy servers in many locations around the world. Combined with optimizing mechanisms, load balancing and other measures, CyStack Protecting can significantly improve your website performance.

If you are interested in rankings of websites on the search engines, CyStack Protecting can help you with a free SSL certificate – a sign for search engines like Google to recognize your site as having higher security. This leads to you being prioritized on the search results page.

Last but not least, CyStack Protecting allows customization and logging for technical usage. For special needs, CyStack’s technical team is always ready to tweak the recognition to fit with your website.

> Start using CyStack Protecting for free here <

How to begin with CyStack Protecting?

To activate CyStack Protecting, firstly, you have to add your website to CyStack Platform (further instructions on adding and verifying websites can be found here).

Next, open CyStack Protecting and choose Activate.

Next, you have the option to use the HTTPS protocol or not (to increase the security of the website, CyStack recommends that users choose to use HTTPS).

If you choose to use HTTPS, there are some configurations you can customize:

  • The type of certificate: you can choose between using your current SSL certificate (by uploading the file containing the certificate and private key) or using the certificate provided by CyStack (via Let’s Encrypt).
  • TLS mode: if your website was already using HTTPS, you can select either TLS mode, Full or Full (Strict), which differ in whether the connection between the WAF and your website requires a valid SSL certificate.
  • HTTP to HTTPS redirection: when you select Yes, visitors who connect over HTTP will automatically be redirected to HTTPS.

After choosing the proper configuration, select Continue. To complete the activation of CyStack Protecting, you will need to point the DNS records of the domain to the IP address of the proxies offered by CyStack according to the in-app instructions. The process often takes place through the web interface of the domain supplier. CyStack Protecting will be automatically activated when the DNS record change is detected.

Have fun protecting your website!

CyStack