A study of web application firewall solutions
Web application firewalls (WAFs) are the primary front-end protection mechanism for Internet-based infrastructure which is constantly under attack. This paper therefore aims to provide more insights into the performance of the most popular open-source WAFs, including ModSecurity, WebKnight, and Guar...
| Main Authors: | Prandl, S.; Lazarescu, Mihai; Pham, DucSon |
|---|---|
| Format: | Conference Paper |
| Published: | 2015 |
| Online Access: | http://hdl.handle.net/20.500.11937/29622 |
| _version_ | 1848752854087499776 |
|---|---|
| author | Prandl, S. Lazarescu, Mihai Pham, DucSon |
| author_facet | Prandl, S. Lazarescu, Mihai Pham, DucSon |
| author_sort | Prandl, S. |
| building | Curtin Institutional Repository |
| collection | Online Access |
| description | Web application firewalls (WAFs) are the primary front-end protection mechanism for Internet-based infrastructure which is constantly under attack. This paper therefore aims to provide more insights into the performance of the most popular open-source WAFs, including ModSecurity, WebKnight, and Guardian, which we hope will complement existing knowledge. The key contribution of this work is an in-depth approach for conducting such a study. Specifically, we combine three testing frameworks: the Imperva’s proprietary benchmark, a generic benchmark using both FuzzDB and Burp test-beds, and testing for common vulnerabilities and exposures (CVE) known exploits. Our experiments show that open source WAFs are not yet totally reliable for protecting web applications despite many advances in the field. ModSecurity appears to be the most balanced open-source solution. |
| first_indexed | 2025-11-14T08:15:14Z |
| format | Conference Paper |
| id | curtin-20.500.11937-29622 |
| institution | Curtin University Malaysia |
| institution_category | Local University |
| last_indexed | 2025-11-14T08:15:14Z |
| publishDate | 2015 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | curtin-20.500.11937-296222017-09-13T15:41:23Z A study of web application firewall solutions Prandl, S. Lazarescu, Mihai Pham, DucSon Web application firewalls (WAFs) are the primary front-end protection mechanism for Internet-based infrastructure which is constantly under attack. This paper therefore aims to provide more insights into the performance of the most popular open-source WAFs, including ModSecurity, WebKnight, and Guardian, which we hope will complement existing knowledge. The key contribution of this work is an in-depth approach for conducting such a study. Specifically, we combine three testing frameworks: the Imperva’s proprietary benchmark, a generic benchmark using both FuzzDB and Burp test-beds, and testing for common vulnerabilities and exposures (CVE) known exploits. Our experiments show that open source WAFs are not yet totally reliable for protecting web applications despite many advances in the field. ModSecurity appears to be the most balanced open-source solution. 2015 Conference Paper http://hdl.handle.net/20.500.11937/29622 10.1007/978-3-319-26961-0_29 restricted |
| spellingShingle | Prandl, S. Lazarescu, Mihai Pham, DucSon A study of web application firewall solutions |
| title | A study of web application firewall solutions |
| title_full | A study of web application firewall solutions |
| title_fullStr | A study of web application firewall solutions |
| title_full_unstemmed | A study of web application firewall solutions |
| title_short | A study of web application firewall solutions |
| title_sort | study of web application firewall solutions |
| url | http://hdl.handle.net/20.500.11937/29622 |