Web Application Firewall
No Joomla! website should be without a Web Application Firewall or WAF, especially if hosted in a shared server environment.
The WAF adds another line of defense between your website and the server firewall maintained by your hosting provider.
You will find a list of available WAF extensions in the Joomla! Extensions Directory.
What is a Web Application Firewall?
"A web application firewall is a special type of application firewall that applies specifically to web applications.
It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious."
OWASP stands for Open Web Application Security Project.
A WAF is “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.”
It is a firewall for HTTP applications which is deployed to protect a specific web application or set of web applications.
Specifically, a WAF applies a set of rules to an HTTP conversation.
These rules cover common attacks such as:
- cross-site scripting (XSS) and
- SQL injection.
Akeeba Admin Tools is our WAF of choice
Our preferred choice of WAF for the Joomla! CMS is Akeeba Admin Tools.
It adds another line of defense between your website and the server firewall maintained by your hosting provider.
"Admin Tools is a security component, i.e. a software solution which will help you tighten the security of your Joomla! site. Moreover, it has several features which will help you enhance the performance of your site and make your life administering the site a bit easier."
Useful Video Tutorials & Documentation
The developer acknowedges that configuring the Admin Tools WAF for your website's hosting environment can be challenging for some website administrators, but has recently produced a range of useful video resources to help Joomlers.
These provide a useful supplement to the longstanding comprehensive Admin Tools user guide.