Web Application Firewall

A Web Application Firewall (WAF) is a security solution that inspects HTTP traffic in real time between the Internet and your web applications and API servers, with the goal of mitigating application-layer cyberattacks.

The system implements a Layer 7 firewall based on the OSI model, combining predefined rules with behavioral analysis and detection algorithms. This approach ensures the ability to intercept not only known threats but also attacks without specific signatures and those not yet publicly disclosed.

With a Web Application Firewall, you can protect your web applications and your business itself by choosing between two reliable solutions: Linux WAF, developed by our engineers, and FortiAppSec, Fortinet’s Web Application Firewall.

Show details
Web Application Firewall Configuration
Technology
Hardware Configuration
Main features
SSL Termination
Customizable rules
Bandwidth
?
Seeweb only charges for the outbound traffic besides the included bundle of 1000 GB with monthly renewal. The inbound traffic is completely free.
 Unlimited
Number of websites Unlimited
Load Balancer
Integration with Web Accelerator Optional
HA redundancy Optional
Monthly Cost 45.50

Applicable to any IT project, WAF defends you against vulnerabilities at a very competitive price.

What WAF is and how it works

A WAF intercepts and analyzes all HTTP requests, protecting websites, API servers, and web applications that may be vulnerable.

This protection allows you to defend against both known and unknown vulnerabilities, including “zero-day” threats, providing a high level of security.

An important feature of a WAF is its ability to protect vulnerable infrastructures and applications without directly applying patches. This security measure is known as “virtual patching” or “vulnerability shielding”.

How it operates at the infrastructure level

The WAF operates in single-tenant mode, wich can be activated on one or more servers dedicated to a single customer.

If multiple websites are built with the same technology or CMS, it is possible to protect all of them with a single WAF.

For complex or high-traffic environments, our experts can define the most effective strategy, implementing scalable and high-performance protection.

Seeweb’s WAF Solutions

Every business has different needs. For this reason, Seeweb offers two WAF solutions designed to protect your business from online attacks, each with a different approach.

Linux WAF

Our proprietary WAF combines advanced security and flexibility. It is designed to detect both known and unknown vulnerabilities, such as SQL injection, local or remote file inclusion, and malicious command execution.

With Linux WAF you can:

  • Manage custom rules to adapt protection to your applications
  • Protect websites and APIs
  • Control access through whitelists and blacklists
  • Customize the error page shown to blocked users
  • Block access to files that could expose sensitive data
  • Apply virtual patches, allowing you to continue using vulnerable applications without risk.

This solution provides immediate security without web interfaces or control panels that require technical expertise. Simply install the appliance and it becomes active immediately, with no configuration required.

Fortinet FortiAppSec

Fortinet FortiAppSec is an enterprise solution designed for organizations that want advanced and automated protection. Thanks to machine learning, it detects and blocks threats while reducing false positives. The Advanced Bot Mitigation system protects applications without disrupting legitimate users.

Fortinet FortiAppSec also offers:

  • API protection, including APIs used by mobile applications
  • Integration with Fortinet Security Fabric for a coordinated security ecosystem
  • Detailed attack analysis with Threat Analytics
  • Virtual patching and integration with third-party systems.

This solution is ideal for organizations that want advanced attack management with automated protection.

Choose the solution that best fits your needs

With Seeweb, you can choose the WAF solution that best suits your business: immediate security with no management effort with Linux WAF; enterprise automation and protection with Fortinet FortiAppSec.

In both cases, your web applications will be protected against the most sophisticated threats, without compromising the user experience.

  • What is a WAF?

    A Web Application Firewall (WAF) is a security system that protects websites and applications by analyzing and filtering HTTP/HTTPS traffic between users and servers.

    The WAF blocks attack attempts such as SQL Injection, Cross-Site Scripting (XSS), and other threats that exploit web application vulnerabilities, ensuring operational continuity and data protection.

  • What is the difference between Linux WAF and Fortinet FortiAppSec?

    Linux WAF is a managed solution designed to provide effective protection, customizable configurations, and a sustainable cost. Ideal for websites and applications requiring flexibility and control, Linux WAFis suitable for business looking for a sustainable approach to application security and compliance, including the NIS Directive.

    Fortinet FortiAppSec, on the other hand, is an enterprise solution by Fortinet designed for more complex and critical environments. It integrates advanced features such as machine learning for automatic threat detection, advanced bot protection, API protection, and attack analysis tools with an advanced monitoring dashboard.

  • Can I protect multiple websites with a single WAF?

    Yes. If multiple websites or applications share the same infrastructure, server, or similar technologies, they can be protected with a single Web Application Firewall, optimizing security management and costs. The WAF analyzes and filters traffic directed to all protected applications, applying customizable security rules for each domain or service.

    For more complex architectures, distributed environments, or applications with high traffic loads, Seeweb technicians can design a dedicated and scalable configuration to ensure operational continuity, performance, and protection aligned with business growth.

  • Do I need to handle the technical configuration?

    No. Both Linux WAF and Fortinet FortiAppSec are provided as managed services. Installation, initial configuration, updates, and security rule management are handled directly by Seeweb technicians.

    This means you don’t need to manage setup of the infrastructure and can focus on developing and managing your applications and digital services. The Seeweb team monitors the system, applies security updates, and optimizes protection rules, ensuring operational continuity and a consistently updated level of security.

    Upon request, it is also possible to define custom configurations or integrate specific application requirements, while maintaining the support of the specialized team.