====== Web Application FireWall WAF ======

Applies rules to HTTP/HTTPS

can allow or deny based on expected input to a form to prevent things like SQL injection.

WAF is a major focus of [[PCI DSS]]