
Security FAQ Series: What’s a WAF?

27 November 2018 by Jenn Granger

The cybersecurity world is one that is under siege every single day. With DDoS attacks and digital criminals on the rise as we speak, it’s important to get to grips with the basics of how to keep your solution secure from those who want to bring you down.

We’re here to help you understand every element of your business’ security and what you can do to make it even stronger. That’s why we’ve created a special blog series to help you look in depth at your site’s security, giving you everything you need to fight back and not get hacked!

So, without further ado, welcome to the second blog in our Security FAQ series. Today, we delve into WAFs.


What is a WAF?

A WAF (or web application firewall) is a service that blocks suspicious activity before it hits your data and applications, protecting your site as hackers attempt to exploit any weaknesses in your code.

The purpose of a WAF is to protect your website against application-layer (layer 7) attacks. While your system is usually fitted with a firewall (traditional, or an Intrusion Detection/Prevention System) as standard, these programmes might not be able to deal with the sophisticated attacks which we see happening more and more often.

Targeted attacks from hackers are usually disguised as genuine requests, trying to trick your firewall into letting them through its gates. More traditional firewalls will not recognise this traffic as a threat, telling them to “Come on in!” which is often followed by disaster. Once the traffic has accessed your applications, it’s so easy for hackers to do what they wish with the sensitive data stored in your databases.

That’s where a WAF comes in: WAFs are designed to proactively protect the application layer of your site against attempted fraud or data theft, blocking any suspicious activity from the outset.

 

How does it do this?

A WAF carefully and methodically inspects every web request for cross-site scripting (XSS), SQL injections, path traversal and 400+ (yes, 400) other types of attack as they occur. In thoroughly screening your application layer, a WAF’s job is to block malicious traffic.

 

What is XSS?

XSS – that’s cross-site scripting to you and me – attacks occur when an untrusted data source is allowed to inject its own code into a web application, exploiting a vulnerability in the website’s code.

 

What is an SQL injection?

Like XSS, SQL injection – or SQLi – is one of the most common hacking techniques. Hackers place (or inject) malicious code into SQL (Structured Query Language) statements through your webpage, usually via a log-in form (an ‘enter your username’ page), to try to control your application’s database server.

Both XSS and SQLi can result in data loss, downtime and reputational damage to your business. If your WAF detects any questionable activity trying to work its way into your site, it has the ability to decrypt this traffic to see what’s really behind it and inspect it more closely, before re-encrypting it, then blocking it or sending it on its merry way.


What type of WAF is right for me?

At UKFast we provide two kinds of WAFs: a dedicated WAF and a WAF on DDoSX®.

A dedicated WAF is a piece of physical hardware at one of our UKFast data centres, configured and built by our security experts. Our enterprise-level support system means that the UKFast Security Team maintains all updates to your dedicated WAF and tailors your web application firewall to suit your business requirements and solution, making each WAF totally bespoke for each business.

A WAF on DDoSX, on the other hand, is managed by you – controlled through your MyUKFast portal. It is global network-based and can be deployed instantly. The service offers whitelisting which means that no high-quality traffic is blocked by mistake. As a WAF on DDoSX is controlled by you, it’s quick and easy to update.

Both types of WAF safeguard you from all inbound traffic, monitoring and reporting, ensuring that any suspicious activity doesn’t make it anywhere near your business. Both WAFs come with award-winning 24/7/365 support, so you have first-class cybersecurity advice at your fingertips, rain or shine.

 

Advanced whitelisting

We’ve recently added a new feature to our WAF service with DDoSX. Advanced whitelisting allows you to combat false positives more flexibly by whitelisting genuine traffic to your site based on the rules you create.
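
To make the request inspection described under “How does it do this?” and the rule-based whitelisting above concrete, here is a small added example in Python. It is not UKFast’s WAF or DDoSX rule syntax: the signatures, the whitelist entry and the sample requests are all constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Illustrative signatures only (assumption): real WAF rule sets are far larger and tuned.
SIGNATURES = {
    "xss": re.compile(r"<\s*script\b|\bon\w+\s*=|javascript:", re.I),
    "sqli": re.compile(r"'\s*(or|and)\s+[\w']+\s*=|\bunion\s+select\b", re.I),
    "path_traversal": re.compile(r"\.\./|\.\.\\"),
}

# Hypothetical whitelist rule: the comment form may legitimately contain SQL-like text.
WHITELIST = {("/blog/comment", "body", "sqli")}

def normalise(value):
    """Decode repeatedly so double-encoded input (%253C...) is inspected in clear text."""
    for _ in range(3):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def inspect(url):
    """Return (verdict, findings); findings lists (field, rule) pairs that matched."""
    parts = urlsplit(url)
    fields = [("<path>", parts.path)] + parse_qsl(parts.query, keep_blank_values=True)
    findings = []
    for name, raw in fields:
        value = normalise(raw)
        for rule, pattern in SIGNATURES.items():
            if pattern.search(value) and (parts.path, name, rule) not in WHITELIST:
                findings.append((name, rule))
    return ("block" if findings else "allow"), findings

if __name__ == "__main__":
    # Constructed sample requests, not captured traffic.
    for url in (
        "/search?q=web+application+firewall",
        "/search?q=%3Cscript%3Ealert(1)%3C/script%3E",
        "/login?user=admin%27%20OR%20%271%27%3D%271",
        "/download?file=%252e%252e%252f%252e%252e%252fetc%252fpasswd",
        "/blog/comment?body=the+classic+%27+OR+1%3D1+example",
    ):
        print(inspect(url), url)
```

The last sample is a genuine comment that merely quotes SQL-like text: without the whitelist entry it would be a false positive, and the same text sent to any other path is still blocked.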

WAFs are the best way to gain all-round protection for your application. So, if you want to ensure your personal and customer data remains out of dangerous hands, speak to a UKFast security expert today.

 

To speak to a UKFast cybersecurity expert about our WAF service, call 0800 231 5680 or head to the UKFast website.
