WAF

Definition

A Web Application Firewall inspects HTTP traffic and blocks requests matching known-bad patterns: SQL injection, XSS, path traversal, credential stuffing. Cloudflare, AWS WAF, and Fastly all bundle WAF capability. Application owners tune rule sets and exception lists. A WAF is not a substitute for secure code but raises the cost of automated probing.

When to use

See also

• CDN — A globally distributed cache that serves static assets from a point of presence near each user.
• TLS — The protocol that encrypts HTTP and other connections — what the lock icon in browsers actually means.