FAQs - dotDefender - An Application Firewall
One of the largest threats for managed hosting customers, large and small, is that of security risks in web applications. Hackers are constantly probing the Web for vulnerabilities. dotDefender is a web application security solution (a Web Application Firewall, or WAF) that offers strong, proactive security for your websites and web applications. MaximumASP recommends the installation of dotDefender on all managed web servers for clients that require HIPAA or PCI compliance. It is compatible with either our managed dedicated servers or our MaxV cloud servers and can be added to a server at any time for a monthly fee of $55 per server.
What does an application firewall do?
An application firewall is software installed on your web servers that protects against common vulnerabilities in the applications they host. These vulnerabilities range from SQL Injection to rootkits. To be fully secure you should have both a hardware firewall, which facilitates VPN connectivity and restricts port access, and a software firewall like dotDefender. Each of the major areas of protection in dotDefender is discussed below:
- Pattern Recognition: The Pattern Recognition web application security engine effectively protects against malicious behavior such as SQL injection and Cross Site Scripting. The patterns are designed efficiently and accurately to identify application-level attacks. As a consequence, dotDefender is characterized by an extremely low false positive rate.
- Session Protection: The Session Protection web application security engine focuses on the user session. Session Protection prevents session cookie tampering and blocks attempts to crash the server or reduce server performance by flooding the application with multiple requests on the same session.
- Signature Knowledgebase: This web application security engine uses signatures to detect requests from known malicious sources such as bots, zombies and spammers. It identifies bad user agents and prevents hacking tools from gathering information about vulnerabilities in web applications.
- Data Leakage Protection: Prevents sensitive information disclosure using built-in and extensible outgoing traffic inspection rules, stopping credit card numbers, personal information and application error messages from reaching the wrong hands.
- Upload Inspection: Upload content inspection enforces file extension and MIME-Type filtering. Prevent web shells, backdoors and rootkits from being uploaded via web content management systems. Scan contents of uploaded files to ensure malicious payloads are not smuggled in posing as benign pictures and content.
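The Upload Inspection engine above is described as three layered checks: file-extension filtering, MIME-type filtering, and inspection of the file's actual contents. The following Python is an added illustration of how those layers fit together; it is not dotDefender's code and makes no claim about the product's internal rules. The allowlist table, the list of executable extensions, the script markers and the sample uploads are all constructed for this example.

```python
import os

# Allowed upload types: extension -> (expected MIME type, accepted magic-byte prefixes).
# Constructed for this example; a real deployment would maintain a fuller table.
ALLOWED_TYPES = {
    ".png": ("image/png", (b"\x89PNG\r\n\x1a\n",)),
    ".jpg": ("image/jpeg", (b"\xff\xd8\xff",)),
    ".jpeg": ("image/jpeg", (b"\xff\xd8\xff",)),
    ".gif": ("image/gif", (b"GIF87a", b"GIF89a")),
}

# Server-side executable extensions that must not appear anywhere in the name,
# so that a double extension such as "photo.php.png" is rejected too.
EXECUTABLE_EXTENSIONS = {".php", ".asp", ".aspx", ".ashx", ".jsp", ".exe", ".dll", ".cgi", ".pl"}

# Markers of server-side script or HTML that have no business inside an image payload.
# Kept deliberately short: each marker is a potential source of false positives.
SCRIPT_MARKERS = (b"<?php", b"<%", b"<script")

# A constructed, structurally valid PNG signature followed by filler bytes.
PNG_HEADER = b"\x89PNG\r\n\x1a\n"
BENIGN_PNG = PNG_HEADER + b"\x00" * 32


def inspect_upload(filename, declared_mime, content):
    """Return (allowed, reason) for one uploaded file.

    Checks, in order: extension allowlist (including embedded executable
    extensions), declared MIME type, magic bytes, and embedded script markers.
    """
    name = os.path.basename(filename).lower()
    parts = name.split(".")
    if len(parts) < 2 or not parts[0]:
        return False, "missing file extension"
    suffixes = ["." + p for p in parts[1:]]

    # Extension filtering: reject any executable extension, even a hidden one.
    for suffix in suffixes:
        if suffix in EXECUTABLE_EXTENSIONS:
            return False, "executable extension in filename: " + suffix
    ext = suffixes[-1]
    if ext not in ALLOWED_TYPES:
        return False, "extension not in allowlist: " + ext

    # MIME-type filtering: the client's declared type must match the extension.
    expected_mime, magics = ALLOWED_TYPES[ext]
    if declared_mime.lower() != expected_mime:
        return False, "declared MIME type %s does not match %s" % (declared_mime, ext)

    # Content inspection, part 1: the bytes must carry the signature of the claimed type.
    if not any(content.startswith(m) for m in magics):
        return False, "content does not match the file signature for " + ext

    # Content inspection, part 2: a valid image header can still wrap a script body.
    lowered = content.lower()
    for marker in SCRIPT_MARKERS:
        if marker in lowered:
            return False, "embedded script marker found: " + marker.decode()

    return True, "ok"


# Constructed sample uploads exercising each layer. The script bodies are inert text.
SAMPLE_UPLOADS = [
    ("avatar.png", "image/png", BENIGN_PNG),
    ("AVATAR.PNG", "image/png", BENIGN_PNG),
    ("avatar.php.png", "image/png", BENIGN_PNG),
    ("avatar.png", "text/plain", BENIGN_PNG),
    ("avatar.png", "image/png", b"<?php /* constructed marker */ ?>"),
    ("avatar.png", "image/png", PNG_HEADER + b"\x00" * 8 + b"<?php /* constructed marker */ ?>"),
    ("report.exe", "application/octet-stream", b"MZ" + b"\x00" * 16),
]


def run_samples():
    """Inspect every constructed sample and return (filename, allowed, reason) tuples."""
    return [(name, *inspect_upload(name, mime, data)) for name, mime, data in SAMPLE_UPLOADS]


if __name__ == "__main__":
    for name, allowed, reason in run_samples():
        print("%-16s %-8s %s" % (name, "ALLOW" if allowed else "BLOCK", reason))
```

The ordering matters for false positives as much as for detection: the cheap name and MIME checks run before any byte scanning, and the marker scan runs only on content that already passed the signature test, so benign images are never rejected for their extension alone while an image-shaped script body is still caught.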
dotDefender and PCI
For clients who require Payment Card Industry (PCI) compliance, a web application firewall is essential for meeting requirement 6.6, which requires that “All web-facing applications be protected against known attacks” by either having “all custom application code reviewed for common vulnerabilities by an organization that specializes in application security” or “Installing an application layer firewall in front of web facing applications”.