Why you need a Web Application Firewall
We’ve identified that a major source of stress for our agency partners is dealing with automated attacks and bots against common frameworks such as WordPress and Magento. The simplest way of blocking these attack attempts for our customers so far has been a Web Application Firewall through our partner Incapsula. Incapsula by Imperva is a market leading security product providing DDoS mitigation, Content Delivery, Enterprise WAF and Load Balancing. Unfortunately for some budgets can put this great product just out of reach.
What is a Web Application Firewall?
The Internet can be divided in to layers to ease understanding of how it works underneath. These layers are:
- Application Layer – e.g. Email, HTTP, SSH
- Transport Layer – e.g. TCP, UDP, Port Numbers
- Internet Layer – e.g. IP Addresses, ICMP, IPSec
- Link Layer – e.g. Ethernet, DSL, ARP
A traditional firewall will operate at the Transport Layer allowing you to specify what’s called a 5-Tuple rule based on source IP and port, destination IP and port, and the protocol. These are the standard rules which allow things such as access to port 80 on your web server for HTTP.
An application firewall on the other hand works at the application layer and performs inspection on the internals of the traffic to determine if the traffic is legitimate. A web application firewall is one targeted at securing websites and can block traffic such as cross site scripting attacks (XSS), SQL injection, brute force attacks, and others.
Why is a WAF important?
Almost all websites come under fire every day from automated scans and attacks from malicious Internet users looking for opportunities to undermine the security of somebody’s website in order to exploit the resource behind it for their own means. To compound this situation, the more common the web framework in use the more well known any security exploits in that framework are. The prime examples of this are WordPress and Magento, both of which come under regular constant attack from sources trying to exploit their weaknesses. Once compromised, damage can range from a subtle stream of spam emails sent from the server all the way up to your entire website being deleted by the attacker.
What Wirehive are doing
We’ve decided we want Web Application Firewalling to be accessible to everyone, and consequently are currently trialing a variety of methods of bringing this to you using our in house expertise. Over the course of the next few months we’ll be reaching out to a number of our partners who we believe would benefit from this functionality to trial this new offering with them. If you think this may be useful to you please get in touch with your account manager and they will assess if you are eligible for the trial.