From the course: Complete Guide to Enterprise Cyber Defense
Join today to access over 24,900 courses taught by industry experts.
Protecting web servers with a web application firewall (WAF)
From the course: Complete Guide to Enterprise Cyber Defense
Protecting web servers with a web application firewall (WAF)
- [Instructor] Web servers are often the most targeted part of a network. They're exposed to the internet and attackers know how to probe them. A web application firewall or a WAF access a security filter. It sits in front of the server, checks request, and blocks anything suspicious like SQL injections or script exploits. It's a powerful way to protect web apps. Let's look at a couple of examples. First, we have hosted cloud web applications such as CloudFlare. CloudFlare uses OWASP Core Ruleset, which helps to detect things like SQL injections, broken access control, and more. It also lets us create custom rules, block IP address, and log events. CloudFlare WAF is a good choice for public-facing websites. Let's have a look in an on-premise solution. Here we have an OPNsense router running. We've configured this to run Nginx, which is running its ModSecurity's Nexus WAF Application. ModSecurity also uses rules from…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.