Web Application Firewall - FullHost ®

Web Application Firewall

Treat the data you hold about those you do business with with the greatest of care, and stay protected against the multitude of threats that are out there.

In our ever more digital and connected world, conducting business and holding data about your clients is under increasing threat from attack and exploitation by those less scrupulous than yourself. More and more you hear stories of large and supposedly sophisticated businesses that have had information hacked, creating headaches, hassles, and obvious reputational damage, with their names plastered around in connection with the breach and countless hours spent on damage control. They believed that they were protected. The time and effort involved in cleaning something like this up, even for those with the deep pockets to do so, is an undertaking. They can weather the storm, but could you?

Hacking a server is more than just finding an administrator user name and password. A hacker can use several types of attacks that give them access to your data. Our Web Application Firewall (or WAF for short) protects against a number of threats, such as cross-site request forgeries, cross-site scripting, SQL injection, protocol violations, and brute force login attempts.

We configure your server to protect from these attacks, as well as a number of other threats you need to be protected against.

Here’s what a WAF will do for you:

Data Leakage Protection
Our WAF protects your servers from theft of data such as credit cards or other sensitive customer data, which is the lifeblood of your customers and your company’s reputation.

Cross Site Request Forgeries (CSRFs) Protection

CSRF vulnerabilities have been around for over a decade. These attacks make use of a user’s session variable that is set after the user logs in to pages such as a banking site, which is why the hack is also called “session riding.” Our web application firewall adds a validation filter to protect users from stolen sessions.

Cross Site Scripting (XSS) Protection

XSS works on concepts similar to CSRF. An XSS attack uses script such as JavaScript added to query string values that are printed to the web page. Developers can code pages that strip these malicious values, but web application firewalls also help protect from XSS.

Remote File Inclusion (RFI) Protection

RFIs take advantage of sites that use dynamic inclusion of external files such as JavaScript. Dynamic scripting is rerouted to a malicious JavaScript file that steals user data. Web application firewalls contain a blacklist of these malicious files and trigger an alert to stop files from being maliciously added to an HTML page.

SQL Injection (SQLi) Protection

SQL injection is one of the most common hacks. SQL injection takes advantage of malformed queries sent to database servers. A web application firewall scrubs malformed requests and stops them from being executed on the database server. SQL injection can lead to several of the aforementioned hacks, but SQLi can also give hackers elevated permissions to your servers. The result is data theft and phishing served directly from your web servers.

Brute Force Attack Protection

Brute force is the name given to “guessing” your passwords. Hackers send login attempts to your administration pages such as a WordPress login page. The hacker uses dictionary terms and common password values to eventually guess your password and log in to your administration console. Web application firewalls detect these attacks and block the attacker from further attempts.

Layer-7/HTTP Denial-of-Service Attack Protection

DoS attacks flood your web servers with traffic. The attacks use up your web server resources and block legitimate traffic. A web application firewall detects a DoS attack before it drains your server resources and blocks the attack.

Web Spam Protection

If you own a blog, you need protection from web spam comments. Web spam is usually automated, so you need software that detects common web spam comments and filters them from your site. Web spam devalues your site in search engines and costs you the trust of users. Poorly maintained blogs look abandoned to your visitors and often cost you sales.

Virtual/Just in Time Patching

Past patches protect from previous malware, but you must continually patch your servers to protect from recent hacks.

In addition to protecting your web servers from the above attacks, you also want a host that has a low false-positive rate. A false positive means that legitimate traffic is blocked, which makes these triggers costly for businesses.