Cloud based web application firewall (WAF)

What is it?

It’s pretty much self explanatory.

If you’re looking for a firewall for a small to medium sized web application and you don’t have the expertise or the software/hardware required for a firewall, this may be the solution for you.

How does it work?

Having used Cloudflare I can say the setup is pretty much seamless.  You sign up for an account and point the DNS of your web site to Cloudflare.  Cloudflare intercepts all requests to your website.  This allows you to stop DDOS attacks before it even hits your web application server.  Services like Cloudflare allow you to configure firewall type configuration simply by logging into your account.

What do I need to know?

Sometimes cloud based services can be too restrictive.  They may prevent requests that should not be denied.  For this reason, you may not want to use this type of service as it could cost you potential revenue.

Technical stuff

As mentioned above, this type of service can be too restrictive.  If your web application is hosting web services and your integration partners are complaining that they can’t connect to your web service, it can difficult to troubleshoot these kinds of problems.  While this could be attributed to any number of errors, you’ll want to inform your integration partners that they should set the user-agent field on the http header.

Final Thoughts:

Cloud based WAFs can expedite the time to market of your web application.  It’s a great way to start and you always move to a more formal setup later on if you wish.