Cybersecurity best practices and DDoS defence strategies
Included as an integral part of Application Protection (AP), Nexusguard Web Application Firewall (WAF) is a cloud-based firewall that can be customized to match the security needs of organizations. It effectively protects websites and applications against evolving threats by analyzing and inspecting incoming requests to websites and applications, and also includes specifically configured mitigation actions to handle each OWASP Top 10 threat category.
Nexusguard’s WAF engine generates and assigns a unique CSRF token to the Form page URL and the Submit page URL. The tokens are inserted into hidden parameters of the HTML forms and then passed to the client browser. Whenever a user submits a form or makes an authenticated request, the request generated by the browser includes the associated CSRF token, in this case a computed hash value, which is used by the application server to validate that the HTTP referrer is from a trusted domain. If a match is found, the request is forwarded to the application server for processing; otherwise it is rejected, instantly blocking the unauthenticated request.
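The issue-and-validate flow described above, as an added Python example; it is not Nexusguard's implementation. It assumes the computed hash is an HMAC-SHA256 over the session ID, the Submit page URL and the issue time; the secret, field name, trusted host and function names are hypothetical.

```python
import hashlib, hmac, html, time
from urllib.parse import urlparse

SECRET = b"constructed-demo-key"   # assumption: per-deployment secret held by the proxy
TRUSTED_HOSTS = {"shop.example"}   # constructed trusted domain
MAX_AGE = 900                      # assumption: tokens expire after 15 minutes

def issue_token(session_id, submit_url, now=None):
    """Return 'timestamp.hexmac' bound to one session and one Submit page URL."""
    ts = str(int(time.time() if now is None else now))
    msg = "\n".join((session_id, submit_url, ts)).encode()
    return ts + "." + hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def hidden_field(token, name="csrf_token"):
    """Hidden parameter inserted into the form before it is sent to the browser."""
    return '<input type="hidden" name="%s" value="%s">' % (
        name, html.escape(token, quote=True))

def _host(url):
    # A missing or unparsable Referer yields None, which is never trusted.
    try:
        return urlparse(url or "").hostname
    except ValueError:
        return None

def verify(session_id, submit_url, token, referer, now=None):
    """Return (allowed, reason) for a submitted form."""
    now = time.time() if now is None else now
    if _host(referer) not in TRUSTED_HOSTS:
        return False, "untrusted referrer"
    ts, sep, _mac = (token or "").partition(".")
    if not sep or not (ts.isascii() and ts.isdigit()):
        return False, "malformed token"
    if not 0 <= now - int(ts) <= MAX_AGE:
        return False, "expired token"
    # Recompute the hash for this session and URL; compare in constant time.
    expected = issue_token(session_id, submit_url, now=int(ts))
    if not hmac.compare_digest(expected.encode(), token.encode()):
        return False, "token mismatch"
    return True, "ok"

if __name__ == "__main__":
    tok = issue_token("sess-1", "/checkout/submit")
    print(hidden_field(tok))
    print(verify("sess-1", "/checkout/submit", tok, "https://shop.example/checkout"))
    print(verify("sess-2", "/checkout/submit", tok, "https://shop.example/checkout"))
```

Binding the hash to the session and the Submit page URL means a token lifted from one user's form, or from a different form, fails the comparison even when the Referer check passes.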
To learn more about how to prevent cybercriminals from exploiting a web application’s CSRF vulnerability, please read about our Application Protection.
Nexusguard’s highly customizable cloud-based Web Application Firewall (WAF) assures protection of web applications against common web exploits that compromise security.