A web application firewall (WAF) is an application firewall for HTTP applications. It bid a set of rules to HTTP conversion. Generally, such rules secure common attacks such as SQL injection and cross-site scripting (XSS). While proxies usually protects clients,