
Firewall

Definition

A security system that monitors and filters traffic to your website, blocking malicious requests before they reach your server.

What is a Web Firewall?

A web application firewall (WAF) sits between visitors and your website, filtering all incoming traffic. It blocks malicious requests – hacking attempts, spam bots, and attack traffic – while letting legitimate visitors through.

Think of it as a security guard checking everyone before they enter your premises.

Why Firewalls Matter

Proactive Protection

Firewalls block attacks before they reach your site, rather than dealing with damage after.

Bot Protection

Malicious bots constantly probe websites for vulnerabilities. Firewalls filter them out.

DDoS Mitigation

A firewall can absorb or deflect denial-of-service attacks that would otherwise overwhelm your server.

Performance Improvement

Blocking bad traffic means your server resources go to real visitors.

Zero-Day Protection

Good WAFs block attack patterns rather than individual bugs, so they can catch attempts to exploit new vulnerabilities before patches are available.

How Web Firewalls Work

Rule-Based Filtering

Blocks requests matching known attack patterns – SQL injection, cross-site scripting, etc.

Rate Limiting

Blocks IPs making too many requests too quickly.

Geographic Filtering

A firewall can block traffic from countries known for high attack volumes.

Bot Detection

Distinguishes between good bots (Google) and bad bots (scrapers, hackers).

Reputation Scoring

Blocks traffic from IPs with poor reputations for malicious activity.
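
The rule-based filtering and rate limiting described above, combined in one request filter. This is an added example, not code from any product named on this page; the `MiniWAF` class, its thresholds, the two regex rules and the sample requests are assumptions constructed for illustration.

```python
import re
import time
from collections import defaultdict, deque
from urllib.parse import unquote_plus

# Illustrative signatures only; real rule sets are far larger and tuned per site.
RULES = {
    "sqli": re.compile(r"(?i)\bunion\b.+\bselect\b|\bor\b\s+\d+\s*=\s*\d+"),
    "xss": re.compile(r"(?i)<\s*script\b|javascript:"),
}

class MiniWAF:
    """Hypothetical filter: per-IP sliding-window rate limit, then pattern rules."""
    def __init__(self, max_requests=5, window_seconds=10.0):
        self.max_requests, self.window = max_requests, window_seconds
        self.hits = defaultdict(deque)  # ip -> timestamps of recent requests

    def _rate_limited(self, ip, now):
        recent = self.hits[ip]
        while recent and now - recent[0] >= self.window:
            recent.popleft()  # forget requests that left the window
        recent.append(now)    # blocked requests still count against the IP
        return len(recent) > self.max_requests

    def check(self, ip, path_and_query, now=None):
        """Return (allowed, reason) for one request."""
        now = time.monotonic() if now is None else now
        if self._rate_limited(ip, now):
            return False, "rate_limit"
        # Decode twice so a double-encoded payload is matched by the same rules.
        decoded = unquote_plus(unquote_plus(path_and_query))
        for name, pattern in RULES.items():
            if pattern.search(decoded):
                return False, name
        return True, "ok"

# Constructed sample traffic (documentation-range IPs): (ip, request target, time in s).
SAMPLE = [
    ("198.51.100.7", "/blog/firewall-guide?page=2", 0.0),
    ("198.51.100.7", "/search?q=1%27+OR+1%3D1", 1.0),
    ("203.0.113.9", "/c?msg=%253Cscript%253Ealert(1)", 2.0),
] + [("192.0.2.44", "/login", 3.0 + i * 0.1) for i in range(7)]

def run_demo():
    waf = MiniWAF()
    return [(ip, target, *waf.check(ip, target, now=t)) for ip, target, t in SAMPLE]

if __name__ == "__main__":
    print(*run_demo(), sep="\n")
```

The first request passes, the next two are blocked by the `sqli` and `xss` rules, and the sixth and seventh `/login` requests from the same IP are blocked by the rate limit.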

Types of Web Firewalls

Cloud-Based WAF

Traffic routes through the provider's network before reaching you. Cloudflare, Sucuri, and AWS WAF are examples.

Pros: Easy setup, DDoS protection included, no server load
Cons: Ongoing costs, dependency on provider

Host-Based WAF

Software running on your server, such as ModSecurity, Wordfence, or server-level solutions.

Pros: No routing changes, can be free
Cons: Uses server resources, limited DDoS protection

Network-Level Firewall

Hardware or provider-level filtering. Usually part of enterprise or managed hosting.

Popular Firewall Solutions

Cloudflare

Free tier available. Excellent DDoS protection. DNS-level protection.

Sucuri

Website security focused. Includes malware scanning and cleanup.

Wordfence

WordPress-specific. Plugin-based with firewall and scanning.

AWS WAF

For sites on Amazon infrastructure. Highly configurable.

Best Practices

  • Enable the firewall before problems occur, not after
  • Review blocked traffic logs periodically
  • Keep firewall rules updated
  • Combine with other security measures (updates, backups, strong passwords)
  • Test that legitimate functionality still works after implementation
