{"id":57976,"date":"2022-09-07T16:53:10","date_gmt":"2022-09-07T08:53:10","guid":{"rendered":"https:\/\/version-2.com\/?p=57976"},"modified":"2022-09-29T17:41:07","modified_gmt":"2022-09-29T09:41:07","slug":"choosing-the-right-web-application-firewall-part-one","status":"publish","type":"post","link":"https:\/\/version-2.com\/en\/2022\/09\/choosing-the-right-web-application-firewall-part-one\/","title":{"rendered":"Choosing the Right Web Application Firewall \u2013 Part One"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"57976\" class=\"elementor elementor-57976\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4da8c5f9 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4da8c5f9\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;decf9c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-133ba185\" data-id=\"133ba185\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-fc2da8d post-content elementor-widget elementor-widget-text-editor\" data-id=\"fc2da8d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl7rn8s3l08980kmw13py5f1l.jpg?tr=w-1800,c-at_max\" width=\"1800\" height=\"1200\" \/>\n\nIn my previous articles, I mentioned firewalls, so I decided to dedicate this entire article to that topic. First, I want to give a basic explanation of firewalls and more information about web application firewall so you can make a more informed decision. I have mainly mentioned the usage of web application firewalls to prevent attacks such as SQL Injection, XSS (cross-site scripting), cookie poisoning, etc.\n<h4><\/h4>\n<h4><em>What is a firewall?<\/em><\/h4>\n&nbsp;\n\nA firewall is software or hardware used to monitor network data (traffic) and compare it against a set of rules. Depending on the rules, traffic will be passed or blocked. On the Internet, you might hear this analogy:\u00a0<em>a firewall is a guard or gatekeeper at the entrance of an event. This gatekeeper can check the ID of individuals against a set of rules before letting them enter (or leave).<\/em>\n\n&nbsp;\n\nBut before I explain more, I need to cover some basics \u2013 OSI layers and TCP\/IP.\n\n&nbsp;\n<h4><em>Layers of the OSI model and TCP\/IP<\/em><\/h4>\n&nbsp;\n\nThe OSI Model (Open Systems Interconnection Model) is used to describe how a network system functions. This model is split into seven abstraction layers:\n\n&nbsp;\n<ul>\n \t<li><strong>Physical<\/strong>\u00a0\u2013 lowest level responsible for a physical connection between devices, transmitting bits from one node to the next. This layer converts data to 0s and 1s to the next Data Link layer.<\/li>\n \t<li><strong>Data Link<\/strong>\u00a0\u2013 this layer is responsible for checking if data transfer is error-free (error checking\/formatting) between one node to another in the physical layer. The primary purpose of the data link layer is to help the sender send a set of meaningful bits to the receiver.<\/li>\n \t<li><strong>Network\u00a0<\/strong>\u2013 this layer is responsible for defining which physical path the data will take. It is taking care of the transmission of data from one host to another that are on different networks.<\/li>\n \t<li><strong>Transport<\/strong>\u00a0\u2013 transmits data using transmission protocols (TCP and UDP). It contains information if the data transmission is successful, and then, if yes, it transmits the data. If an error is found, the data is re-transmitted.<\/li>\n \t<li><strong>Session<\/strong>\u00a0\u2013 this layer maintains connections and is responsible for controlling ports and sessions.<\/li>\n \t<li><strong>Presentation<\/strong>\u00a0\u2013 this layer ensures that data is in a usable format. It is also where encryption occurs.<\/li>\n \t<li><strong>Application<\/strong>\u00a0\u2013 this layer interacts with the user and displays the received information to them.<\/li>\n<\/ul>\n&nbsp;\n\n*OSI model was published in 1984 by the International Organization for Standardization (ISO). For more information of the layers (and their functions), you can check out this\u00a0<a href=\"https:\/\/www.geeksforgeeks.org\/layers-of-osi-model\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">site<\/a>.\n\n&nbsp;\n\nKeep in mind that today&#8217;s Internet is based on the TCP\/IP stack. OSI model is an abstraction, and something we use to learn about the internet protocols. The implementation is based on the TCP\/IP stack, not the OSI model.\n\n&nbsp;\n\nTCP\/IP layers are the four layers of the TCP\/IP model: link layer, network, transport, and application. Data is passed in a particular order. (From the bottom layer to the top layer and back)\n\nIf you want to read about TCP\/IP layers, check out this\u00a0<a href=\"https:\/\/www.avg.com\/en\/signal\/what-is-tcp-ip#:~:text=There%20are%20four%20layers%20of,when%20the%20data%20is%20received.\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">site<\/a>.\n\n&nbsp;\n<h4><em>Classifications of firewalls<\/em><\/h4>\n&nbsp;\n\nThere are a few classifications for firewalls.\n\n&nbsp;\n\nThe first one is a hardware or software firewall. Hardware is when the firewall is separate hardware through which the network traffic is going (such as Cisco ASA). A software firewall is software that comes with the OS, such as Windows Defender Firewall \u2013 which is also called a host firewall. On Linux, you usually get a built-in host firewall called\u00a0<em>ufw<\/em>\u00a0(uncomplicated firewall). You can also install a third-party solution (Comodo, Norton, etc.)\n\n&nbsp;\n\nThe second one is the classification by personal or commercial use. Personal is mainly for use at home and it is designed for small networks. The commercial firewall is designed to protect medium to large networks.\n\n&nbsp;\n\nHowever, the most important classification is by the layers on which the firewall operates. Firewalls mainly focus on layers 3 and 4 (sometimes even 2). Next-generation firewalls cover layers 5, 6, and 7.\n\n&nbsp;\n\nThe third classification is based on firewall abilities:\n<ul>\n \t<li><strong>Packet-Filtering FirewallCircuit-Level Gateway<\/strong><\/li>\n \t<li><strong>Stateful Inspection Firewall<\/strong><\/li>\n \t<li><strong>Proxy Firewall<\/strong>\u00a0\u2013 all traffic goes through WAF on its way to the server<\/li>\n \t<li><strong>Next-Generation Firewall\u00a0<\/strong>(NGFW)<\/li>\n \t<li><strong>Cloud Firewall<\/strong>\u00a0or\u00a0<strong>Firewall as a Service<\/strong>\u00a0(FWaaS)<\/li>\n<\/ul>\n&nbsp;\n\nI will focus on the Web Application Firewall, an example of Proxy Firewall and Firewall as a Service (FWaaS).\n\n&nbsp;\n<h4><strong>Web Application Firewall<\/strong><\/h4>\n&nbsp;\n\nDefinition of WAF by OWASP on their\u00a0<a href=\"https:\/\/owasp.org\/www-community\/Web_Application_Firewall#:~:text=Description,protect%20clients%2C%20WAFs%20protect%20servers.\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">site<\/a>:\u00a0<em>A &#8220;&#8216; web application firewall (WAF)'&#8221; is an\u00a0<\/em><a href=\"https:\/\/en.wikipedia.org\/wiki\/Web_application_firewall\" target=\"_blank\" rel=\"noopener noreferrer nofollow\"><em>application firewall<\/em><\/a><em>\u00a0for HTTP applications. It applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as\u00a0<\/em><a href=\"https:\/\/owasp.org\/www-community\/attacks\/xss\" target=\"_blank\" rel=\"noopener noreferrer nofollow\"><em>Cross-site Scripting (XSS)<\/em><\/a><em>\u00a0and\u00a0<\/em><a href=\"https:\/\/owasp.org\/www-community\/attacks\/SQL_Injection\" target=\"_blank\" rel=\"noopener noreferrer nofollow\"><em>SQL Injection<\/em><\/a><em>. While proxies generally protect clients, WAFs protect servers. A WAF is deployed to protect a specific web application or set of web applications.<\/em>\n\n&nbsp;\n\nThe proxy firewall inspects the content of the payload (packets). As a difference between the third classification from the paragraph above, this one is not limited to packet headers.\n\nFWaaS is a hardware firewall in a cloud environment. Its features depend on the service provider, and it benefits from the scalability of cloud architecture.\n\n&nbsp;\n<h4><em>Types of Web application firewalls<\/em><\/h4>\n&nbsp;\n\nThere are three types of web application firewall: hardware, software, and cloud-based. All of them have advantages and disadvantages, and it is very important to know them before choosing the right one for your web application.\n\n&nbsp;\n\n1- <strong>Hardware<\/strong>\u00a0\u2013 This hardware solution is installed locally in LAN close to application and web servers. This solution is good because it can be modified, and it supports configurations and updates. It is very fast, and it has high performance. This type is perfect for big organizations when the application has many visits on daily basis. For small organizations, it is not cost-efficient because it can be costly.\n\nList of WAFs: WAPPLES, Imperva SecureSphere, Barracuda Web Application Firewall, Citrix Netscaler Application Firewall, Fortinet FortiWeb, F5 BIG-IP Application Security Manager (ASM).\n\n&nbsp;\n\n2- <strong>Software<\/strong>\u00a0\u2013 this one is different than a hardware firewall because you would need a virtual machine instead of dedicated hardware. Of course, as you can guess that this solution is usually cheaper than hardware. The advantage is that it can be used in your on-prem systems, while you can also deploy it in the cloud. A disadvantage is that it is slower because it runs on a VM. This solution is suitable for small and medium organizations.\n\n&nbsp;\n\n3- <strong>Cloud\u00a0<\/strong>\u2013 this firewall is provided and managed in the form of software as a service &#8211; SaaS. This solution is entirely in the cloud. This solution is good because the service provider provides optimizations and updates, so you would not need to manage anything. On the other hand, it is also a disadvantage because if you require some customizations, you can simply not do it, or if there exists such an option, it will probably be more complex in some way. This solution is good for small and medium organizations which don&#8217;t have enough resources that would focus on the management of WAF.\n\n&nbsp;\n\n*List of software and cloud-based WAFs will be covered in the next part of the article.\n\n&nbsp;\n<h4><em>How is WAF configured?<\/em><\/h4>\n<em>\u00a0<\/em>\n\nWAF can be configured in three different ways:\n<ul>\n \t<li>Whitelisting<\/li>\n \t<li>Blacklisting<\/li>\n \t<li>Hybrid<\/li>\n<\/ul>\n&nbsp;\n\nIf you choose to use the whitelisting model, you would usually start by blocking everything (no Internet at all!), and then you would go on gradually from there, allowing only what&#8217;s necessary for your application.\n\n&nbsp;\n\nOn the other hand, the blacklisting model is the opposite of whitelisting. You would need to create a list of criteria by which the traffic will be blocked.\n\n&nbsp;\n\nThe third model is hybrid. If you decide to use this model, you will probably have an application with some specific criteria required where you will combine whitelisting and blacklisting. Ideally, you will use the best of both worlds, so to speak.\n\n&nbsp;\n\nTo choose a model, you would first need to define the needs for your application. (You might also want to consider your infrastructure.)\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8085a61 post-content elementor-widget elementor-widget-shortcode\" data-id=\"8085a61\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"39690\" class=\"elementor elementor-39690\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ff2a228 elementor-widget elementor-widget-text-editor\" data-id=\"ff2a228\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><\/p>\n<p class=\"wp-block-paragraph\"><b>About VRX<\/b><br><b>VRX&nbsp;<\/b>is a consolidated vulnerability management platform that protects assets in real time. Its rich, integrated features efficiently pinpoint and remediate the largest risks to your cyber infrastructure. Resolve the most pressing threats with efficient automation features and precise contextual analysis.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>In my previous articles, I mentioned firewalls, so I de [&hellip;]<\/p>","protected":false},"author":143524195,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[476,488,61],"tags":[477,489],"class_list":["post-57976","post","type-post","status-publish","format-standard","hentry","category-vrx","category-488","category-press-release","tag-vrx","tag-489"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Choosing the Right Web Application Firewall \u2013 Part One - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.vicarius.io\/blog\/choosing-the-right-web-application-firewall-part-one\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Choosing the Right Web Application Firewall \u2013 Part One - Version 2\" \/>\n<meta property=\"og:description\" content=\"In my previous articles, I mentioned firewalls, so I de [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.vicarius.io\/blog\/choosing-the-right-web-application-firewall-part-one\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2022-09-07T08:53:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-09-29T09:41:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl7rn8s3l08980kmw13py5f1l.jpg?tr=w-1800,c-at_max\" \/>\n<meta name=\"author\" content=\"version2hk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"version2hk\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/choosing-the-right-web-application-firewall-part-one#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/09\\\/choosing-the-right-web-application-firewall-part-one\\\/\"},\"author\":{\"name\":\"version2hk\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\"},\"headline\":\"Choosing the Right Web Application Firewall \u2013 Part One\",\"datePublished\":\"2022-09-07T08:53:10+00:00\",\"dateModified\":\"2022-09-29T09:41:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/09\\\/choosing-the-right-web-application-firewall-part-one\\\/\"},\"wordCount\":1338,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/choosing-the-right-web-application-firewall-part-one#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/blog-posts\\\/images\\\/cl7rn8s3l08980kmw13py5f1l.jpg?tr=w-1800,c-at_max\",\"keywords\":[\"vRx\",\"2022\"],\"articleSection\":[\"vRx\",\"2022\",\"Press Release\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/09\\\/choosing-the-right-web-application-firewall-part-one\\\/\",\"url\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/choosing-the-right-web-application-firewall-part-one\",\"name\":\"Choosing the Right Web Application Firewall \u2013 Part One - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/choosing-the-right-web-application-firewall-part-one#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/choosing-the-right-web-application-firewall-part-one#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/blog-posts\\\/images\\\/cl7rn8s3l08980kmw13py5f1l.jpg?tr=w-1800,c-at_max\",\"datePublished\":\"2022-09-07T08:53:10+00:00\",\"dateModified\":\"2022-09-29T09:41:07+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/choosing-the-right-web-application-firewall-part-one#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/choosing-the-right-web-application-firewall-part-one\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/choosing-the-right-web-application-firewall-part-one#primaryimage\",\"url\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/blog-posts\\\/images\\\/cl7rn8s3l08980kmw13py5f1l.jpg?tr=w-1800,c-at_max\",\"contentUrl\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/blog-posts\\\/images\\\/cl7rn8s3l08980kmw13py5f1l.jpg?tr=w-1800,c-at_max\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/choosing-the-right-web-application-firewall-part-one#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Choosing the Right Web Application Firewall \u2013 Part One\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\",\"name\":\"version2hk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"caption\":\"version2hk\"},\"sameAs\":[\"http:\\\/\\\/version2xfortcom.wordpress.com\"],\"url\":\"https:\\\/\\\/version-2.com\\\/en\\\/author\\\/version2hk\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Choosing the Right Web Application Firewall \u2013 Part One - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.vicarius.io\/blog\/choosing-the-right-web-application-firewall-part-one","og_locale":"en_US","og_type":"article","og_title":"Choosing the Right Web Application Firewall \u2013 Part One - Version 2","og_description":"In my previous articles, I mentioned firewalls, so I de [&hellip;]","og_url":"https:\/\/www.vicarius.io\/blog\/choosing-the-right-web-application-firewall-part-one","og_site_name":"Version 2","article_published_time":"2022-09-07T08:53:10+00:00","article_modified_time":"2022-09-29T09:41:07+00:00","og_image":[{"url":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl7rn8s3l08980kmw13py5f1l.jpg?tr=w-1800,c-at_max","type":"","width":"","height":""}],"author":"version2hk","twitter_card":"summary_large_image","twitter_misc":{"Written by":"version2hk","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.vicarius.io\/blog\/choosing-the-right-web-application-firewall-part-one#article","isPartOf":{"@id":"https:\/\/version-2.com\/2022\/09\/choosing-the-right-web-application-firewall-part-one\/"},"author":{"name":"version2hk","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db"},"headline":"Choosing the Right Web Application Firewall \u2013 Part One","datePublished":"2022-09-07T08:53:10+00:00","dateModified":"2022-09-29T09:41:07+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2022\/09\/choosing-the-right-web-application-firewall-part-one\/"},"wordCount":1338,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/www.vicarius.io\/blog\/choosing-the-right-web-application-firewall-part-one#primaryimage"},"thumbnailUrl":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl7rn8s3l08980kmw13py5f1l.jpg?tr=w-1800,c-at_max","keywords":["vRx","2022"],"articleSection":["vRx","2022","Press Release"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2022\/09\/choosing-the-right-web-application-firewall-part-one\/","url":"https:\/\/www.vicarius.io\/blog\/choosing-the-right-web-application-firewall-part-one","name":"Choosing the Right Web Application Firewall \u2013 Part One - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.vicarius.io\/blog\/choosing-the-right-web-application-firewall-part-one#primaryimage"},"image":{"@id":"https:\/\/www.vicarius.io\/blog\/choosing-the-right-web-application-firewall-part-one#primaryimage"},"thumbnailUrl":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl7rn8s3l08980kmw13py5f1l.jpg?tr=w-1800,c-at_max","datePublished":"2022-09-07T08:53:10+00:00","dateModified":"2022-09-29T09:41:07+00:00","breadcrumb":{"@id":"https:\/\/www.vicarius.io\/blog\/choosing-the-right-web-application-firewall-part-one#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.vicarius.io\/blog\/choosing-the-right-web-application-firewall-part-one"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.vicarius.io\/blog\/choosing-the-right-web-application-firewall-part-one#primaryimage","url":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl7rn8s3l08980kmw13py5f1l.jpg?tr=w-1800,c-at_max","contentUrl":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl7rn8s3l08980kmw13py5f1l.jpg?tr=w-1800,c-at_max"},{"@type":"BreadcrumbList","@id":"https:\/\/www.vicarius.io\/blog\/choosing-the-right-web-application-firewall-part-one#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Choosing the Right Web Application Firewall \u2013 Part One"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db","name":"version2hk","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","caption":"version2hk"},"sameAs":["http:\/\/version2xfortcom.wordpress.com"],"url":"https:\/\/version-2.com\/en\/author\/version2hk\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-f56","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/57976","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/users\/143524195"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/comments?post=57976"}],"version-history":[{"count":7,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/57976\/revisions"}],"predecessor-version":[{"id":57983,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/57976\/revisions\/57983"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/media?parent=57976"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/categories?post=57976"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/tags?post=57976"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}