In our ever more digital and connected world, conducting business and In our ever more digital and connected world, conducting business and holding data about your clients is under increasing threat from attack and exploitation by those less scrupulous than yourself. More and more you hear of stories of large and sophisticated businesses that have had information hacked, creating headaches, hassles, and the obvious reputational damage with their names plastered around about the breach. They’ll spend countless hours doing damage control. They believed that they were protected. The time and effort involved in cleaning something like this up, even for those with the deep pockets that can do so, is an undertaking. They can weather the storm, but could you?
Hacking a server is more than just finding an administrator user name and password. A hacker can use several types of attacks that give him access to your data. Our Web Application Firewall (or WAF for short), protects against a number of threats, such as cross-site request forgeries, cross-site scripting, SQL injection, protocol violations, and brute force login attempts. They are looking for a weak spot, a place that they can wiggle their way in to do what they intended to.
We have several options that depend on use cases, that we can then configure your server to protect from these attacks, as well as a number of other threats you need to be protected against.
Here’s what a WAF will do for you:
Data Leakage Protection
Our WAF protects your servers from data theft such as credit cards or other sensitive customer data, which is the lifeblood of your customers and your company’s reputation
Cross Site Request Forgeries (CSRFs) Protection
CSRF vulnerabilities have been around for over a decade. These attacks make use of a user’s session variable that sets after the user logs in to pages such as a banking site, which is why the hack is also called “session riding.” Our web application firewall adds a validation filter to protect users from stolen sessions.
Cross Site Scripting (XSS) Protection
XSS works with similar concepts as CSRFs. XSS uses cross site scripting such as JavaScript added to querystring values that prints to the web page. Developers can code pages that strip these malicious values from the code, but web application firewalls also help protect from XSS.
Remote File Inclusion (RFI) Protection
RFIs take advantage of sites that use dynamic inclusion of external files such as JavaScript. Dynamic scripting is rerouted to a malicious JavaScript file that steals user data. Web application firewalls contain a blacklist of these malicious files and trigger an alert to stop files from being maliciously added to an HTML page.
SQL Injection Protection (SQLi) Protection
SQL injection is one of the most common hacks. SQL injection takes advantage of malformed queries sent to database servers. A web application firewall scrubs malformed requests and stops them from being executed on the database server. SQL injection can lead to several other aforementioned hacks, but SQLi can also give hackers elevated permissions to your servers. The result is data theft and phishing served directly from your web servers.
Brute Force Attack Protection
Brute force is the name given to “guessing” your passwords. Hackers send login attempts to your administration pages such as a WordPress login page. The hacker uses dictionary terms and common password values to eventually guess your password and log in to your administration console. Web application firewalls detect these attacks and block the attacker from further attempts.
Layer-7/HTTP Denial-of-Service Attack Protection
DoS attacks flood your web servers with traffic. The attacks use up your web server resources and block legitimate traffic. A web application firewall detects a DoS attack before it drains your server resources and blocks the attack.
Web Spam Protection
If you own a blog, you need protection from web spam comments. Web spam is usually automated, so you need software that detects common web spam comments and filters them from your site. Web spam devalues your site in search engines and loses trust with users. Poorly maintained blogs look abandoned to your visitors and often cost you sales.
Virtual/Just in Time Patching
Past patches protect from previous malware, but you must continually patch your servers to protect from recent hacks.
In addition to protecting your web servers from the above attacks, you also want a host that has a low false-positive rate. A false positive means that legitimate traffic is blocked, which makes these triggers costly for businesses.