What’s a Web Application Firewall (WAF)?
A Web Application Firewall, or WAF, is a special type of firewall that stands in front of your website. It monitors the requests going to your website, looking for signs that a bad actor is trying to exploit some of your code. When it detects signs of this, the WAF blocks that request before it goes any further, helping to keep your site safe. A number of different sources for these rules are available.
If you’re running an online store, the WAF can help you gain PCI Compliance. Additionally, it helps protect your site against:
- Unauthorised access
- Cross Site Scripting attacks (XSS)
- SQL injection
Comodo WAF Rules
Comodo is well known for internet security. Therefore, we use their ruleset as part of our WAF.
How do I add this to my website?
We’ve already done this for you. It’s enabled by default on all accounts and comes without any additional charge. However, if you’d prefer not to use it, you can disable the WAF by visiting the ‘ModSecurity’ option in the ‘Security’ section in your control panel.
From here you can enable or disable domains individually.
I want to know more
Details on ModSecurity, the opensource software we use to power the WAF, can be found here. Further information on the Comodo ruleset can be found here.