A web based firewall can be described as a security policy enforcement point placed between a web application and the client endpoint. This functionality can be implemented in software or hardware, running on an appliance or on a typical server with a common operating system. It may be a stand-alone device or integrated into other network components.
In simple terms, a web based firewall protects web applications much as a traditional firewall protects a network: it controls the input and output of, and the access to and from, the asset it is meant to protect.
Traditional network firewalls, and even intrusion prevention systems, evaluate IP packets or protocols without awareness of the application payload, so they cannot provide sufficient protection at the application layer. Without awareness of the HTML data payload, these layer 3 devices cannot recognize and stop the types of application layer threats that make web applications vulnerable to attack.
Risks Of Not Having A Web Based Firewall
This is a warning for any business or person who runs a web site: deploying any type of web application, even a commercial application or one supported by a hosting provider, may put the web site at risk in several ways:
Website destruction and vandalism: using website cracking tools, hackers can gain access to parts of your web site that a visitor never sees, the files and folders that exist outside of the web document root directory.
Theft of user information: using SQL injection exploits, attackers can access any data kept in the databases your web site depends on. Information such as user accounts, user identities and user credit card details can be stolen or manipulated. Cross-site scripting can also be used to trick users into submitting such information: by uploading malicious scripts to a vulnerable web site, hackers can create a fake login area where visitors unknowingly submit their information to the hacker.
Stolen user sessions: using cross-site scripting, hackers are able to steal a legitimate user's session identifier and use it to gain access to that user's sensitive information.
Website flagged as a malicious source by search engines: various vulnerabilities found in many web sites allow hackers to upload spam links to the site. Sites vulnerable to cross-site scripting can also be manipulated until hackers are able to upload malicious scripts such as Trojan horses, keystroke loggers, adware, spyware and other malware. Once search engines become aware of a site serving spam or malware, it is flagged as a potential malicious source and its page ranking drops drastically.
A web based firewall, used together with code reviews and vulnerability assessments, is an effective solution to these problems because it actively and constantly protects web applications against such threats: pattern recognition detects and thwarts zero-day exploits and other evolving threats, session protection helps prevent impersonation, and a signature knowledgebase blocks known vulnerabilities and known attackers.
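The three mechanisms just listed, reduced to a small enforcement point you can run: this is an added illustration, not code from any WAF product, and its signature list, request format and session binding scheme are constructed assumptions. It URL-decodes every user-controlled field before matching a signature knowledgebase, and it binds each session id to the client that first presented it so a stolen cookie replayed from elsewhere is refused.

```python
import re
from dataclasses import dataclass
from urllib.parse import unquote_plus

# Constructed signature knowledgebase: a handful of patterns for the threats the text names.
# A production WAF carries thousands of tuned rules; these are deliberately simple and will
# both miss evasions and occasionally match benign input (e.g. "onion=" trips xss-event-handler).
SIGNATURES = {
    "sqli-tautology": re.compile(r"(?i)'\s*or\s+\S+\s*=\s*\S+"),    # ' OR '1'='1
    "sqli-union": re.compile(r"(?i)\bunion\s+(all\s+)?select\b"),
    "xss-script-tag": re.compile(r"(?i)<\s*script\b"),
    "xss-event-handler": re.compile(r"(?i)\bon\w+\s*="),            # onerror=, onload=
    "path-traversal": re.compile(r"\.\./"),                          # escaping the document root
}

@dataclass
class Decision:
    allowed: bool
    reason: str

class WebFirewall:
    """Policy enforcement point between client and application (assumed, simplified design)."""
    def __init__(self):
        self.sessions = {}  # session id -> (client_ip, user_agent) it was first seen from

    def inspect(self, request):
        # 1. Signature knowledgebase: normalise (URL-decode) every user-controlled field first,
        #    otherwise a %3Cscript%3E-encoded payload walks straight past the patterns.
        fields = [("path", request["path"])] + list(request["params"].items())
        for name, raw in fields:
            value = unquote_plus(raw)
            for sig, pattern in SIGNATURES.items():
                if pattern.search(value):
                    return Decision(False, f"blocked: {sig} in {name}")
        # 2. Session protection: bind a session id to the client that first presented it, so a
        #    cookie stolen via XSS is refused when replayed from a different client.
        sid = request["cookies"].get("session")
        if sid is not None:
            fingerprint = (request["client_ip"], request["headers"].get("User-Agent", ""))
            bound = self.sessions.setdefault(sid, fingerprint)
            if bound != fingerprint:
                return Decision(False, "blocked: session presented from a different client")
        return Decision(True, "allowed")

def make_request(path, params=None, cookies=None, client_ip="203.0.113.10", ua="Mozilla/5.0"):
    # Constructed sample request, not captured traffic.
    return {"path": path, "params": params or {}, "cookies": cookies or {},
            "client_ip": client_ip, "headers": {"User-Agent": ua}}
```

Binding a session to IP and User-Agent is a coarse fingerprint (users behind changing proxies will be cut off), which is why real products make the binding policy configurable.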