How to configure web application firewall

The web application firewall or WAF is responsible for securing web applications against malicious traffic and cyber threats like cross-scripting attacks, DDoS mitigation attacks and SQL injections. These firewalls are designed to inspect the back-end server responses for data loss prevention.

The business rules which you have incorporated in your security policies like allowed character sets actually decide how the WAF will be configured. When you approach WAF configuration in this manner, the filters and rules will be self-explanatory. The WAF may reveal technical issues which arise within an application or inside a network like traffic bottlenecks and false positives.

You will need to subject the WAF to careful testing especially when the site is known for using unusual headers, cookies and URLs or some content which will not conform to the web standards. You should also keep aside extra testing time when you run many language versions of a specific application. This is because in such a case it will need to manage different character sets. By default, the Web Application Firewall offered by vendors will be compatible with most sites. So, every time a WAF is installed, default settings will typically work just fine. But, achieving 100% compatibility is not possible and you may face issues such as false positive alerts. This false positive is when something is analyzed as being positive when it is not; so, it is an incorrect diagnosis. In WAF context, it means any request getting blocked as it was erroneously evaluated to be malicious. So, to handle such instances and evade these in the future, you must know ways to detect them and rectify the errors.

Was this answer helpful? 6 5