A web application firewall (WAF) protects against unauthorized access from the internet. It filters traffic to the HTTP server, covering all of the web applications behind it and preventing unauthorised access. It works on all the layers of the OSI model. Today network traffic is vast, and the WAF is responsible for addressing this problem by reducing the network traffic. It is a program that provides protection from hijacking, and it blocks websites that are not secure and safe. A WAF mainly protects against web application vulnerabilities: requests that exploit vulnerabilities such as XSS (Cross-Site Scripting), RFI (Remote File Inclusion) and SQL injection are rejected by the WAF. Sometimes an attacker injects a piece of code, known as a cross-site script, into an authorised site in order to hijack the site's legitimate code. A WAF is built to prevent exploitation of these vulnerabilities.
A WAF continuously scans the traffic to its websites and denies code that could hijack them, along with other malicious code. It protects the HTTP server from attacks according to its configuration: a set of rules is installed in the WAF, so it can prevent only those attacks that the specified rules identify as harmful.
A WAF has a simple interface and supports cluster mode. It can run in Active mode, where it blocks and logs, or in Passive mode, where it only logs the web traffic. A WAF is the same as a normal firewall with some additional features. When its configuration cannot prevent a particular attack, it uses validation to protect against that attack. Two types of validation are used in form-level validation: white-listing and black-listing. White-listing allows the listed inputs, while black-listing denies the listed inputs.
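The two previous paragraphs describe a WAF as a rule set applied to HTTP requests, running either in Active (block and log) or Passive (log only) mode, with black-list and white-list validation of form inputs. The following Python is an added illustration written for this page, not code from any real WAF product; the request format, rule names, regular expressions and sample requests are all constructed here. The deny-list patterns are deliberately crude textbook signatures for the three vulnerability classes the article names (XSS, SQL injection, RFI), and the allow-list rules define the only shape each form field may take.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Tuple


@dataclass
class Request:
    """Simplified HTTP request: method, path, query parameters and form fields (constructed)."""
    method: str
    path: str
    query: Dict[str, str] = field(default_factory=dict)
    form: Dict[str, str] = field(default_factory=dict)


@dataclass
class Rule:
    name: str
    pattern: "re.Pattern[str]"


# Black-list (deny-list) rules: hypothetical signatures, one per vulnerability class
# named in the text. Real rule sets contain hundreds of far more careful patterns.
DENY_RULES = [
    Rule("xss_script_tag", re.compile(r"<\s*script\b", re.IGNORECASE)),
    Rule("sqli_quote_or_tautology", re.compile(r"'\s*or\s+'?\d*'?\s*=\s*'?", re.IGNORECASE)),
    Rule("rfi_remote_url_in_parameter", re.compile(r"^(https?|ftp)://", re.IGNORECASE)),
]

# White-list (allow-list) form validation: each field is accepted only if its whole
# value matches the listed shape. Fields not listed here are rejected outright.
ALLOW_RULES = {
    "username": re.compile(r"^[A-Za-z0-9_]{3,32}$"),
    "age": re.compile(r"^\d{1,3}$"),
}


class WebAppFirewall:
    """Active mode blocks and logs; Passive mode logs the same findings but lets traffic through."""

    def __init__(self, active: bool = True):
        self.active = active
        self.log: List[str] = []

    def _deny_list_hits(self, req: Request) -> List[str]:
        # Every attacker-controlled string is checked against every deny rule.
        values = [req.path, *req.query.values(), *req.form.values()]
        return [r.name for r in DENY_RULES if any(r.pattern.search(v) for v in values)]

    def _allow_list_failures(self, req: Request) -> List[str]:
        failures = []
        for name, value in req.form.items():
            pattern = ALLOW_RULES.get(name)
            if pattern is None or not pattern.fullmatch(value):
                failures.append(f"allow_list:{name}")
        return failures

    def inspect(self, req: Request) -> str:
        """Return 'allow' or 'block'; anything matching a rule is logged in either mode."""
        findings = self._deny_list_hits(req) + self._allow_list_failures(req)
        if not findings:
            return "allow"
        self.log.append(f"{req.method} {req.path} -> {', '.join(findings)}")
        return "block" if self.active else "allow"


# Constructed sample traffic: two benign requests and four that should trip a rule.
SAMPLE_REQUESTS = [
    Request("GET", "/search", query={"q": "firewall"}),
    Request("GET", "/search", query={"q": "<script>alert(1)</script>"}),
    Request("GET", "/login", query={"user": "admin' OR '1'='1"}),
    Request("GET", "/index.php", query={"page": "http://attacker.example/include.txt"}),
    Request("POST", "/register", form={"username": "alice_01", "age": "34"}),
    Request("POST", "/register", form={"username": "alice;drop", "age": "34"}),
]


def evaluate(active: bool) -> Tuple[List[str], int]:
    """Run the sample traffic through one WAF instance; return decisions and log-entry count."""
    waf = WebAppFirewall(active=active)
    decisions = [waf.inspect(req) for req in SAMPLE_REQUESTS]
    return decisions, len(waf.log)


if __name__ == "__main__":
    for mode in (True, False):
        decisions, logged = evaluate(mode)
        print("Active" if mode else "Passive", decisions, f"{logged} logged")
```

Note how the last sample request carries nothing that the deny list recognises, yet it is still rejected because the `username` field fails its allow-list shape; that is the situation the article describes, where validation catches what the configured attack rules cannot. The reverse limitation also shows: a legitimate `redirect=https://...` parameter would trip the crude RFI signature, which is why deny-list rules need tuning against real traffic and why Passive mode is useful for observing a rule set before switching it to Active.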