Skip to main content

What is a WAF (web application firewall)?

FAQ resource for your migration project.

FAQ resource for What is a WAF (web application firewall)?.

Answer

A web application firewall inspects HTTP/HTTPS traffic between clients and a web application and filters or blocks malicious requests before they reach the app. It defends against common attacks such as SQL injection, cross-site scripting, and known exploit patterns using managed rule sets, rate limiting, and bot mitigation. A WAF is a useful layer of defense but does not replace secure coding; it mitigates attacks rather than fixing the underlying vulnerabilities.