December 10 – Set up a Web Application Firewall

Today, our tip #10 for a secure Christmas is to set up a web application firewall. A Web Application Firewall, or WAF, is a module that inspects the actual HTTP traffic for known security issues. Some products update their signatures automatically, much like an antivirus, while others require you to create your own policies. Let’s say there is a new vulnerability in Apache Struts that can be exploited by sending a certain string in an HTTP packet or URL. Once the exploit is known, a WAF in front of the application would stop those attacks, provided you had either created a policy for it yourself or subscribed to a provider that has created a rule set for you. A free and open source alternative is to use mod_security in Apache.
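A self-written policy of the kind described above could look like this in mod_security 2.x for Apache. This is an added example, not configuration from the original post; the match string `EXAMPLE-EXPLOIT-MARKER` and the rule id `10001` are placeholders, not a real signature.

```apache
<IfModule security2_module>
    # Enable rule processing. Use "DetectionOnly" instead of "On" to log
    # matches without blocking while a new policy is being tuned.
    SecRuleEngine On

    # Allow rules to inspect request bodies (POST data), not only the
    # URL and headers.
    SecRequestBodyAccess On

    # Write an audit log entry only for transactions that triggered a rule
    # or ended in an error status.
    SecAuditEngine RelevantOnly

    # Custom policy: deny any request whose URI, arguments or headers
    # contain the known-bad string (placeholder value, assumed here).
    #   phase:2        run after the request body has been parsed
    #   t:urlDecodeUni decode URL encoding before matching
    #   deny,status    reject the request with HTTP 403
    SecRule REQUEST_URI|ARGS|REQUEST_HEADERS "@contains EXAMPLE-EXPLOIT-MARKER" \
        "id:10001,phase:2,t:none,t:urlDecodeUni,deny,status:403,log,msg:'Custom policy: known exploit string in request'"
</IfModule>
```

Rule ids in the range 1 to 99,999 are reserved for local use, so a custom rule like this does not collide with ids from a subscribed rule set.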


