Firewalls are an integral part of the tools needed to secure web servers. In this article, we will discuss all relevant aspects of web application firewalls. We’ll explore a few concepts that touch on these firewalls, both from a compliance and technical perspective, as well as some examples of how we can use ModSecurity to enforce certain rules.
Web Application Firewalls (WAFs) are security solutions that can be installed on web servers with the aim of protecting web applications from abuse by hackers. Simply put, a WAF is an application firewall for HTTP applications.
A WAF can be a server plugin, appliance, or filter and can be used to protect various web applications against attacks such as cross-site scripting (XSS) or SQL injection (SQLi). Some WAFs are open-source while others are proprietary.
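As an illustration of the filter role described above, here is a minimal ModSecurity configuration covering the two attack classes just named. It is an added example, not taken from the original article or from the ModSecurity project; the rule ids (100001, 100002), the choice to inspect only ARGS, and the messages are constructed for illustration.

```apache
# Added example: rule ids, inspected variables and messages are constructed.

# Engine mode decides whether a match is only recorded or actually enforced.
#   DetectionOnly : rules run and log, but the request is still served
#                   (useful while tuning out false positives).
#   On            : disruptive actions such as "deny" take effect.
# SecRuleEngine DetectionOnly
SecRuleEngine On

# Let phase:2 rules see POST bodies as well as query-string parameters.
SecRequestBodyAccess On

# SQL injection: run the built-in libinjection SQLi detector over every
# request argument after URL-decoding it.
SecRule ARGS "@detectSQLi" \
    "id:100001,\
    phase:2,\
    t:none,t:urlDecodeUni,\
    deny,status:403,log,\
    msg:'SQL injection pattern in request argument'"

# Cross-site scripting: run the libinjection XSS detector over the same
# arguments, also decoding HTML entities before matching.
SecRule ARGS "@detectXSS" \
    "id:100002,\
    phase:2,\
    t:none,t:urlDecodeUni,t:htmlEntityDecode,\
    deny,status:403,log,\
    msg:'XSS pattern in request argument'"
```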
Let’s consider some pros and cons of open-source WAFs.
Advantages of open source WAFs
The biggest advantage of open source WAFs is that they are much more affordable compared to proprietary WAFs. If you don’t want to spend huge amounts of money on high-end WAFs, your best bet would be to get one of the more common and reliable WAFs like ModSecurity.
Open source WAFs offer great flexibility. They are highly customizable, so you can configure them according to your project's needs and have them work perfectly. You can add different modules as you like.
Disadvantages of open source WAFs
Since open source WAFs are available for free, you won’t have much luck with setup and troubleshooting. You will almost always have to do all the setup on your own, and things sometimes get messy.
Another downside comes from usability. The interfaces you get when you run these WAFs…