Web Application Firewall

joomla support cheshire manchester merseyside north west uk

No Joomla! website should be without a Web Application Firewall or WAF, especially if hosted in a shared server environment.

The WAF adds another line of defense between your website and the server firewall maintained by your hosting provider.

You will find a list of available WAF extensions in the Joomla! Extensions Directory.

Read more: Access & Security Extensions for Joomla!.


What is a Web Application Firewall?

Wikipedia definition

"A web application firewall is a special type of application firewall that applies specifically to web applications.

It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious."

Source: Wikipedia.

OWASP Definition

OWASP stands for Open Web Application Security Project.

A WAF is “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.”

It is a firewall for HTTP applications which is deployed to protect a specific web application or set of web applications.

Specifically, a WAF applies a set of rules to an HTTP conversation.

These rules cover common attacks such as:

  • cross-site scripting (XSS) and
  • SQL injection.

Source: OWASP.


Akeeba Admin Tools is our WAF of choice

Our preferred choice of WAF for the Joomla! CMS is Akeeba Admin Tools.

It adds another line of defense between your website and the server firewall maintained by your hosting provider.

"The Admin Tools WAF is designed to offer real-time protection against:

  • the most common fingerprinting attacks, used by attackers to deduce information about your site in order to tailor an attack to it,
  • and the most common attacks."

Source: Akeeba Admin Tools Documentation.

Read more: Admin Tools 4 Pro.


Useful Video Tutorials & Documentation

The developer acknowedges that configuring the Admin Tools WAF for your website's hosting environment can be challenging for some website administrators, but has recently produced a range of useful video resources to help Joomlers.

These provide a useful supplement to the longstanding comprehensive Admin Tools user guide.

Read more: Video Tutorials & Documentation.


Akeeba GeoIP Provider Plugin

If you choose to install the Admin Toolls WAF then we also recommend that you install the developer's GeoIP Provider Plugin.

Read more: Akeeba GeoIP Provider Plugin.


Make Joomla! CMS Security YOUR #1 Priority

joomla support cheshire manchester merseyside north west ukWe offer Joomla! coaching, help and support to businesses and organisations across Cheshire, Manchester, Merseyside, North West England & the UK.

Learn how to manage Joomla! website security.