A web application firewall applies a set of rules to HTTP conversation to identify and restrict the attacks of cross site scripting, SQL injections etc. You can also get web application framework and web based commercial tools, for providing security to web applications. Web Application Firewalls allows you to customize the rules by identifying and blocking malicious content. Some of the most popular and widely used open source web application firewalls for web application security are –
- ModSecurity (Trustwave SpiderLabs)
- AQTRONIX WebKnight
- ESAPI WAF
- WebCastellum
- Binarysec
- Guardian@JUMPERZ.NET
- OpenWAF
- Ironbee
- Profense
- Smoothwall
ModSecurity is one of the oldest and widely used open source web application firewall which can detect application level threats on internet, and provides security against a range of security issues to web applications. It provides non viral open sources license and it can be integrated to Apache programs. Recently, ModSecurity released the version 2.6.0 which provides features for safe browsing API integration, sensitive data tracking and data modification features.
AQTRONIX WebKnight is an open source application firewall designed specifically for web servers and IIS, and it is licensed through the GNU – General Public License. It provides the features of buffer overflow, directory traversal, encoding and SQL injection to identify / restrict the attacks.
ESAPI WAF is developed by Aspect Security and it is designed to provide protection at the application layer instead of network layer. It is a Java based WAF which provides complete security from online attacks. Some of the unique features of the solution include outbound filtering features which reduce information leakage. It is configuration driven and not code based, and it enables easy installation by just adding configuration details in the text file.
WebCastellum is a Java based web application firewall which can protect application against cross site scripting, SQL injections, command injections, parameter manipulation, and it can be integrated easily to a java based application. It is based on new technology and it can use existing code to provide protection.
Binarysec is web application software firewall for Apache, and it protects applications against illegitimate HTTP and blocks suspicious requests as well. It provides protection against cross site scripting, commend injections, parameter tampering, buffer overflow, directory traversal, SQL injection and attack obstruction. It takes not more than 10 minutes to install the software, and its user interface can manage Apache servers and many sites on one machine.
Guardian@JUMPERZ.NET is an open source application layer firewall for HTTPS / HTTP and it assesses the HTTP / HTTPS traffic to protect the web application from external attacks. Guardian@JUMPERZ.NET immediately disconnects the TCP connection when the application comes in contact with a malicious / unauthorized request.
Art of defense is a San Francisco based web application security provider which started a project on open source OpenWAF in February 2011. It’s also the first company to provide distributed web application firewall for Apache servers.
Qualys created cloud based open source web application firewall - Ironbee which examines the HTTP instead of the traditional IP packets to evaluate a data. It can even track attacks on cross site scripting code. Ironbee is published through Apache License version 2 and it provides no copyright assignment. It has modular structure and is quite easy to use.
ZION security offers an open source web application firewall similar to ModSecurity, and is called Profense. The web application firewall provided by Zion is essentially a Layer-7 firewall (which is also called “proxy firewall”) and it inspects the traffic to block content.
Smoothwall provides strong web security tools to manage emails. The open source web filtering engine of Smoothwall is called DansGuardian. It has flexible user rules and a fully integrated component for web filtering and security. What’s more, it provides authenticated network access and traffic blocking. Smoothwall free firewall has security hardened Linux GNU OS too.