Web application firewall using PHP and MYSQL

Khamis, Muhammad Aizat (2023) Web application firewall using PHP and MYSQL. Project Report. Universiti Teknikal Malaysia Melaka, Melaka, Malaysia. (Submitted)

Text (Full Text) Web application firewall using PHP and MYSQL.pdf - Submitted Version Download (4MB)

Abstract

Web Application Firewalls, also known as WAFs, are deployed to protect websites and web applications and, when properly configured, offer a comprehensive level of security. When they are used excessively, these tools eventually cause problems. The deployment of a WAF may give users a mistaken impression of their level of security. In this article, we provide an overview of the traffic filtering models currently available as well as some recommendations for making the most of the advantages offered by a web application firewall. A WAF protects your online applications by classifying, analysing, and rejecting any dangerous HTTP/S traffic that reaches them. It also keeps any unauthorised data from exiting the app. It accomplishes this by adhering to a set of rules that assist it in determining which types of traffic are harmful and which are safe. A WAF, like a proxy server, acts as an intermediary to protect a client's identity while protecting the web app server from a potentially malicious client. This is known as a reverse proxy. WAFs can be software, hardware, or services delivered as a service. Policies can be modified to meet the unique requirements of your web app or group of web apps. Even though many WAF policies must be updated on a regular basis to address new vulnerabilities, machine learning has enabled some WAFs to update themselves. This automation is becoming increasingly important as the threat landscape becomes more complicated and unclear.

Actions (login required)

View Item