Web Application
Firewall

Shield your web applications with a WAF and protect the data and information you hold from a slough of attack vectors.

Contact Us

Overview

Let the good traffic in, and keep the bad traffic out.

In our ever more digital and connected world, conducting business and In our ever more digital and connected world, conducting business and holding data about your clients is under increasing threat from attack and exploitation by those less scrupulous than yourself. More and more you hear of stories of large and sophisticated businesses that have had information hacked, creating headaches, hassles, and the obvious reputational damage with their names plastered around about the breach. They’ll spend countless hours doing damage control. They believed that they were protected. The time and effort involved in cleaning something like this up, even for those with the deep pockets that can do so, is an undertaking. They can weather the storm, but could you?

Hacking a server is more than just finding an administrator user name and password. A hacker can use several types of attacks that give him access to your data. Our Web Application Firewall (or WAF for short), protects against a number of threats, such as cross-site request forgeries, cross-site scripting, SQL injection, protocol violations, and brute force login attempts. They are looking for a weak spot, a place that they can wiggle their way in to do what they intended to.

We have several options that depend on use cases, that we can then configure your server to protect from these attacks, as well as a number of other threats you need to be protected against.

Here’s what a WAF will do for you:

Data Leakage Protection

Our WAF protects your servers from data theft such as credit cards or other sensitive customer data, which is the lifeblood of your customers and your company’s reputation

Cross Site Request Forgeries (CSRFs) Protection

CSRF vulnerabilities have been around for over a decade. These attacks make use of a user’s session variable that sets after the user logs in to pages such as a banking site, which is why the hack is also called “session riding.” Our web application firewall adds a validation filter to protect users from stolen sessions.

Cross Site Scripting (XSS) Protection

XSS works with similar concepts as CSRFs. XSS uses cross site scripting such as JavaScript added to querystring values that prints to the web page. Developers can code pages that strip these malicious values from the code, but web application firewalls also help protect from XSS.

Remote File Inclusion (RFI) Protection

RFIs take advantage of sites that use dynamic inclusion of external files such as JavaScript. Dynamic scripting is rerouted to a malicious JavaScript file that steals user data. Web application firewalls contain a blacklist of these malicious files and trigger an alert to stop files from being maliciously added to an HTML page.

SQL Injection Protection (SQLi) Protection

SQL injection is one of the most common hacks. SQL injection takes advantage of malformed queries sent to database servers. A web application firewall scrubs malformed requests and stops them from being executed on the database server. SQL injection can lead to several other aforementioned hacks, but SQLi can also give hackers elevated permissions to your servers. The result is data theft and phishing served directly from your web servers.

Brute Force Attack Protection

Brute force is the name given to “guessing” your passwords. Hackers send login attempts to your administration pages such as a WordPress login page. The hacker uses dictionary terms and common password values to eventually guess your password and log in to your administration console. Web application firewalls detect these attacks and block the attacker from further attempts.

Layer-7/HTTP Denial-of-Service Attack Protection

DoS attacks flood your web servers with traffic. The attacks use up your web server resources and block legitimate traffic. A web application firewall detects a DoS attack before it drains your server resources and blocks the attack.

Web Spam Protection

If you own a blog, you need protection from web spam comments. Web spam is usually automated, so you need software that detects common web spam comments and filters them from your site. Web spam devalues your site in search engines and loses trust with users. Poorly maintained blogs look abandoned to your visitors and often cost you sales.

Virtual/Just in Time Patching

Past patches protect from previous malware, but you must continually patch your servers to protect from recent hacks.

In addition to protecting your web servers from the above attacks, you also want a host that has a low false-positive rate. A false positive means that legitimate traffic is blocked, which makes these triggers costly for businesses.

Made InCanada
Made by Canadians,
for Canadians

Never worry about compliance again. Our servers are hosted directly on Canadian soil, and support is given by a 100% Canadian team.

We Start,
Where Others Stop.

If you've been burned by terrible hosting services before, we get you. We want every client to feel important and fully taken care of, and we'll spend the time it takes to solve any problem that arises.

Trusted by Clients Across All Industries

Don't take our word for it - let our happy clients do the talking. See More

Full Host did an amazing job of migrating my site seamlessly onto their server. My only regret was not switching my site over to them sooner. Now it is performing great, images are uploading way faster than ever before.

" Vancouver Sofa and Patio - Jerry Schmidt

Two thumbs up for Fullhost! Agents reply to me fairly quickly or at least let me know they received the ticket and are looking into it. Kudos to the support team as they have always given me exactly what I need without delays.

" Universal Staffing Inc. - Anthony Calvano

FullHost is an absolute pleasure to work with, and their customer service is exceptional. Whenever I have questions or need adjustments, they are there to help, quickly, efficiently, with answers and insights.

" Mooseworld Inc. Norine Leibel

With coast to coast coverage,
We help you serve the world.

Whether your audience is located in Europe, Asia, Africa, or Australia, provide them with lightening speed!

FullHost's data centers are located in Toronto and Vancouver to ensure worldwide quality and speed.

Get in Touch
We Trust Only The Best Tech to Support You

FullHost operates with the most innovative technology to bring you unparalleled levels of hosting services.