If we were to describe what a firewall is in the most basic way possible, we could say that it is a protective layer that stops potential attacks from reaching your site while it makes hundreds or sometimes even thousands of connections every day in order to send and receive data.
Although both are intended to protect your site, a firewall and an SSL certificate should not be mistaken for each other since the SSL certificate has a totally different purpose and way of functioning. That way of functioning being hiding data from the public eye by cleverly encrypting it.
A firewall on the other hand is sort of a filter, a rule-based one, that monitors who/what is trying to access the site and either gives them permission or blocks them by assessing their character/reputation.If you want to learn how a #WordPress #firewall can enhance not only your site's #security but also its #performance, then this article is the perfect read for you! Click To Tweet
In this article, we will be discussing a special kind of firewall, the WordPress firewall also known as the web application firewall.
This firewall shields a WordPress site from dangerous incoming traffic by blocking all common types of security threats even before they get to the website.
Now, why did we decide to take on this topic? Well because protection is something every website needs and a firewall is just one aspect of it that you need in order to make it foolproof.
But before we get into explaining all the ins and outs of WordPress firewalls we should first talk about all the firewall generations that came before them. So let’s get right to it!
The evolution of Firewalls
1st Generation Firewalls (Packet Filtering)
The first generation of firewalls was created with the purpose of monitoring network traffic. They worked using something called packet filtering but without the understanding of traffic payload.
This of course led to problems because any sites hosted on a network had to open port 80 for the public through the firewall. And after opening that port all incoming traffic including the malicious kind was let through, and thus totally defeated the purpose of a firewall.
So in a nutshell, these firewalls were more about letting traffic flow in or out of an application and not really about checking if that traffic was good or bad.
2nd Generation Firewalls (Stateful Filtering)
The second generation was of course more advanced and operated on layer four of the OSI model.
Fun fact, it was developed by AT&T.
The stateful filters that theses firewalls were named after were also known as circuit-level gateways. They worked as a checkpoint which decided whether access is denied or granted for a specific application destination.
Another great thing about these firewalls was that their administrators were able to program rules into them and thus helped the firewalls determine the severity of a threat that is trying to access the site.
And although these firewalls weren’t all that perfect considering the fact that they had a lot of limitations when it came to the control of the traffic, they were definitely a huge step up from their first-generation counterparts.
3rd Generation Firewalls (Application Layer Filtering)
The third generation is the category of firewalls that we use today. And even tho they were invented in the middle of the nineteenth century, with a few advancements here and there they became a firewall technique that has a full understanding of applications and protocols.
What that means is that these firewalls are capable of understanding if a packet’s payload is for the FTP server and what is the request.
Thanks to their effectiveness, these firewalls led to what is the focus of this article – WordPress/web application firewalls.
WordPress/Web application firewalls
Let’s get one thing out of the way, web application firewalls aren’t what is often referred to as traditional firewalls. Why? Well because traditional firewalls often have trouble detecting traffic that comes from software such as an app, service, etc..
Web application firewalls, on the other hand, specialize in working with apps, services, etc. and can quickly catch malicious attempts that would pass normally through traditional firewalls.
When this type of firewall is installed on a WordPress website, it then runs between the site and the internet all while monitoring and checking the incoming HTTP requests.
Once a suspicious request is spotted, the firewall drops the connection thus stopping the request.
How does it work
If we’re being quite blunt, the way WordPress firewalls work is pretty similar to malware detection software. Meaning the firewall will take a list of known attack signatures and use it to match the request to each one of them.
If the payload of that specific request and one of the signatures do in fact match, the request will be deemed as malicious.
A great thing about WordPress firewalls is that you are allowed to define your own set of rules. But when doing so, you should be very cautious in order to avoid making a mistake and blocking off harmless traffic.
Some WordPress firewalls even go as far as having auto-learning technology which uses analytics to decipher what is good and what is bad traffic. Awesome, right?
On top of all that, a lot of web application firewalls operate on the cloud (even though they can come in the form of hardware or software) which means that they won’t make any big changes to your server during setup.
Like traditional firewalls, these also come in different types. So let’s see exactly which ones.
WordPress Firewall Plugins
If you’re a WordPress user then you know what plugins are, so no need to explain that part. What we will explain though is what WordPress firewall plugins (also known as self-hosted WordPress firewalls) are.
These are usually very affordable or sometimes even free tools that come equipped with malware scanners.
This type of firewall is initialized by WordPress, and once they are installed, every HTTP request sent to your website will go through the following process:
- First, it is received by a web server service (Apache or Nginx)
- Next, WordPress is initialized by the WordPress bootstrap/load (wp-config.php, initializes the database connection, WordPress settings, etc).
- And lastly, before the request is processed by WordPress it gets parsed by the firewall plugin
If you’re on the fence about whether this type of firewall is for you, the answer is yes if you have an SMB.
Generic Web Application Firewalls (WAF)
This second major type of firewall is in a sense a web-based security system that has the purpose of filtering bad HTTP requests which are transmitted between a visitor/customer and a website.
These WAFs are certainly more secure solutions than WordPress firewall plugins. However, they are expensive and one does require specific technical expertise to manage them. For that reason, they are not typically used by small businesses.
So although you are free to get yourself this type of firewall, if you aren’t a big serious business, this might not be the best option for you.
Cloud-based WordPress Website Firewalls
Last but not least come cloud-based firewalls.
Basically, these firewalls sit in the middle between the source of the traffic and a site, blocking bad traffic before it reaches the site.
This is a great option if you want to put less strain on the server as well as the site and allow them to use resources for other important things such as loading/displaying a site.
Another great aspect is that these firewalls don’t need to be installed on the same network as your web server. Instead, all you have to do is configure the domain DNS to point to it.
What this will do is actually redirect communication from your website to the firewall thus keeping it extra safe.
Lastly, it’s important to mention that these firewalls usually have more than one scope, meaning they can protect a site from attacks but can also be a CND and/or caching server.
If you want to get yourself this type of firewall you’ll be happy to hear that they are in most cases more affordable than any other type.
Do you need a firewall
The answer to this question is a definite yes because any device that has access to the internet needs protection and a firewall is just one form of it.
Just take a second and think about all the risks your site faces when it’s unprotected. From small malware to intrusions, everything is a possibility. And depending on what kind of site you have, the data it stores could be extremely sensitive, valuable, and made up of personal info or even financial details.
Even if an attacker doesn’t manage to access your site and place malware, without a firewall they are more than free to overload your site with requests causing it to completely crash.
Although sites today are much more advanced than they once were, they are also more targeted by all types of attacks from hackings to DDoS. But luckily, as you could learn from this article, there are plenty of ways to protect them. Or in other words, there are plenty of firewalls and firewall types you can use in your defense.
With that said, we should also note that a firewall should not be your only form of protection because hackers nowadays have strategies that sometimes require a multi-layer “shield”.
Also when picking a firewall for your site, double-check who created it and how good their customer support is. Because with a responsive and reliable vendor, you’ll easily overcome any bumps on the road!