Attackers can easily take advantage of your web server’s weaknesses to steal data, obtain unauthorized access and infect systems. They simply have to do something the web server doesn’t expect. Manually protecting the web server against these threats requires specialized expertise.
Sophos Web Server Protection eliminates this need. We use a reverse proxy to protect your web server and web applications against the unknown. A clear administrative interface simplifies policy setting.
Web Application Firewall
Hackers can use a number of attack methods to silently test your site and applications for security holes. Our Web Application Firewall keeps hackers at bay by scanning their activity and identifying probes and attacks.
The Sophos Web Application Firewall adds a scanning engine and attack pattern recognition to the Web Server Protection suite of tools. Easily create a security profile and in minutes your servers are protected from attacks like SQL injection and cross-site scripting (XSS). Patterns are downloaded and applied in real time to keep you protected automatically.
The Sophos Web Application Firewall identifies and prevents attacks against your web servers and applications:
Our dual scanning engines operate in parallel at the network gateway, scanning all traffic to and from your web servers. Visitors are unable to upload infected content, and your servers are protected from exploits. Making sure they don’t hand out malicious files and infected content to your customers.
Malware is most commonly carried via the web and also in emails. Our solution stops malicious content before it enters the network. Our dual-scanning system scans files, messages and website objects twice with different engines. Reducing the risk of new and emerging threats from entering the network undetected.
Our antivirus includes the following features and capabilities:
We inspect and validate the information submitted by visitors via forms on your websites. This stops users from submitting invalid data that can damage or exploit your server.
Form hardening is designed to prevent website visitors from submitting unexpected information via web forms. We check the data for each field to make sure it is valid. For example, if a user is offered a ratings dropdown with a possible value of “1-5,” any other number is invalid. Sophos Form Hardening rejects the form so your web server and applications remain protected.
Sophos Form Hardening technology gives you control of the data submitted via forms on your site with:
When your web server tries to interpret a crafted URL, it can create a hole that can be used to obtain access to your server. Our URL Hardening technology enforces the requests that a visitor is allowed to make, restricting them to valid ones only.
URL Hardening enforces the requests a client is allowed to make of a web server. It makes certain that the user’s next click is one the web server is actually expecting. This protects your web server if you have left a directory open, misconfigured a script/application or otherwise left your site open to exploitation. Simply define the “ingress” points for your website (i.e., www.sophos.com).
Sophos auto-whitelists’ the users next available “moves” by examining the valid links and navigable points the web server issues. Thus, URL Hardening regulates users’ activity to known paths and areas of expected access.
Sophos URL Hardening lets you keep visitors on proper paths as they move around your site(s):
Hackers can exploit cookies and put your website visitors at risk. Our Cookie Protection ensures that the cookies given to visitors by your web servers have not been tampered with. Each cookie is digitally signed so the integrity of the information can be verified.
Attackers can exploit the contents of cookies for their own gain. You can prevent cookie tampering by becoming an expert on cookies and how they can be used against users. Or you can prevent cookie tampering with Sophos Cookie Protection. Each cookie is digitally signed. Any attempt to tamper the cookie invalidates the signature. The server can verify that the cookie is valid before it is processed.
Sophos Cookie Protection prevents hackers from changing the contents of a cookie distributed by your web server(s) to your users: