Skip to main content
Version: v7

KB: 1068

Why do we need to configure web application to accept traffic from WAF only?

A Web Application Firewall (WAF) is a security solution that helps protect web applications from various online threats, such as SQL injection, cross-site scripting (XSS), and other types of attacks. Configuring your server to allow only requests from a WAF can enhance the security of your web applications in several ways:

  1. Filtering malicious traffic: A WAF is designed to analyse incoming traffic and filter out potentially harmful requests. By allowing only requests through the WAF, you ensure that all incoming traffic is scrutinized for malicious intent before reaching your web application.

  2. Attack prevention: WAFs are equipped with rules and signatures that can detect and block common web application attacks. By channelling all traffic through the WAF, you can use its capabilities to prevent attacks before they reach your web server.

  3. Reducing false positives: WAFs may generate false positives, blocking legitimate requests that appear to be malicious. By allowing only WAF-filtered traffic, you can minimize the impact of false positives on your web application.

  4. Centralized security control: Configuring your server to only accept requests from the WAF centralizes security control. This means that security policies and configurations are managed at a single point (the WAF), making it easier to monitor and enforce security measures.

  5. Mitigating DDoS attacks: Some WAFs include features to mitigate Distributed Denial of Service (DDoS) attacks. By directing all traffic through the WAF, you can benefit from its DDoS protection capabilities, helping to ensure the availability of your web application during an attack.

  6. Logging and monitoring: WAFs typically provide detailed logs and reports on web traffic, including information about detected threats and potential vulnerabilities. By allowing only WAF-filtered traffic, you can have more comprehensive logging and monitoring, aiding in the detection and response to security incidents.

  7. Adapting to evolving threats: WAFs are regularly updated to address new and emerging threats. By allowing only WAF-filtered traffic, you ensure that your web application benefits from the latest security measures and threat intelligence.

In summary, configuring your server to allow only requests from a WAF is a proactive security measure to enhance the protection of your web applications. This ensures the security, stability, and availability of the origin server by preventing hackers from evading WAF and attacking the origin server via origin server IP addresses.