A Web Security or Firewall, or WAF, is a firewall that monitors, filters, or blocks HTTP traffic to and from a web application. A web application firewall protects a web application by controlling its inputs and outputs, and access to and from it.
A customizable inspection process allows it to prevent attacks of types such as cross-site scripting (XSS), SQL injections, session hijacking and buffer overflow; attacks that network firewalls and intrusion detection systems are often unable to counter.