A Web Application Firewall (WAF) filters, monitors, and blocks HTTP/S traffic to and from a web application to protect against malicious attempts to compromise the system or exfiltrate data. A WAF can prevent web application attacks such as Cross-site scripting (XSS), SQL injection, cookie poisoning, invalid input, layer 7 DoS, brute force and credential stuffing, or web scraping.