This section is a quick review of some of the important web application attacks, how they work, and what AppFirewall does to protect against them. This knowledge is invaluable since it helps to better understand log entries when troubleshooting.
We will just use the terms User, Attacker, AppFirewall, Website, and Server in our examples to keep it simple.
Note that these attacks and AppFirewall's capability to protect against them can be demoed using WebGoat, which is a deliberately vulnerable site, provided by OWASP. It is free and extremely handy for picking up this knowledge hands on.
Modern Web pages require scripts to function for rich functionality. Cross-site scripting ...