International Journal of Advanced Research in Computer Engineering & Technology
A Web Application Firewall (WAF) is a security tool that protects the web application and web application server from various attacks. Application protection is a valuable security layer to add because it can protect against a number of application layer security threats which is usually not protected by a typical network layer intrusion detection system. The Web Application can easily be attacked by the hackers even though with the existence of the normal firewall in the system. This is due to the limitation that the normal firewall does not work in the application layer. The hackers will attack the Web Application using the methods like Structured Query Language (SQL) Injection, CROSS Site Scripting (XSS), Command Injection, or Session Manipulation, cookie poisoning, Directory traversal, Forceful browsing.