A Web Application Firewall (WAF) is an application firewall for HTTP applications. It applies sets of rules and performs behavioral analysis to block malicious traffic from reaching your origin server.
StackPath Web Application Firewall
StackPath's WAF is built as a unique 2-tier SaaS. The first tier is a cloud-based Central Security Cloud that analyzes traffic for behavioral profiling, inconsistency detection, and reputation recognition. The second tier consists of edge nodes that enforce security policies and deliver services distributed by the cloud.
Anti Automation protection
Cyber-criminals are increasingly using automation to carry out attacks on web-applications for several reasons, including:
- Automation tools enable the attacker to hit more applications and exploit more vulnerabilities than any manual method.
- Automated tools are available online and save the attacker the trouble of studying attack methods and coming up with exploits that applications are vulnerable to.
- These tools are optimized to use resources more efficiently.
The StackPath WAF behavioral analysis blocks any non-human traffic from reaching your site. Advanced user behavioral analysis blocks automated scanners, bots, and other automated tools from accessing your application, while known bots (e.g. known search engines) will be allowed.
Some areas of the internet are notorious for the generation and distribution of abusive traffic. These areas might be hacker-operated botnets, zombie servers in hosting facilities that have been infected with malware, and anonymous proxies used by hackers, spammers, and scrapers.
StackPath allows you to blacklist traffic originating from IP addresses that are well known for this kind of abuse, so you can block malicious traffic without having to inspect it first. StackPath's Central Security Cloud constantly collects, updates, and validates these IPs using multiple sources and publishes blacklisted IP addresses to all StackPath Service Nodes. Using this intelligence, you can decide whether to block, challenge, or allow traffic from highly suspect entities.
DDoS L7 Protection
StackPath's bot-detection technology blocks bots with an extremely high degree of accuracy:
- Bots that share IP addresses with human users are blocked, while legitimate users keep unrestricted access.
- Bots that frequently change their IP addresses also fail to evade StackPath's bot detection engine. They are tracked down and blocked – again and again.