Web Application Firewall Applied In The E-Commerce Platform

This paper mainly researches web application firewall applied in the e-commerce platform, through the analysis of the current status of E-commerce’s web application security and web firewall concepts, classifications, working principle and the development of the status quo. We proposed web application firewall in E-commerce platform, which is necessary and urgent. Shopping online has become one of the ways that people’s shopping. Web attendant security situation is increasingly serious, many cyber criminals use a variety of network attacks to steal a user’s e-commerce website trading platform store credit card numbers, online banking accounts, transaction records and other information. These networks are criminal acts, and severely hampered the normal development of E-commerce. However, the traditional network security tools, such as the traditional intrusion detection systems, firewalls, etc. They are based on the network layer or the physical layer of protection, while the most current network attacks through the application layer to the invasion site is ineffective. Web application firewall is a computer network-based application layer firewall designed, can effectively prevent the current attack various sites.After the introduction of a variety of mainstream web attack and defensive measures based on the proposed E-commerce platform, web application firewall that have the characteristics as well as its functionality and architecture design, and web application firewall’s applied analysis and so on. Finally, a simulation experiment in E-commerce platform, the Linux system set up an E-commerce site, and then installed on the server Naxsi that is open source web application firewall, the site implemented a variety of web attacks, and not using web application firewall website contrast, through traffic analysis proved that web application firewall can effectively block the most web attacks.Finally, through Naxsi module code optimization, to make E-commerce platform better able to adapt to the environment. Web application firewall in the future mainstream of network security, will have better development. In this thesis, there are many shortcomings, such as how to better integrate Naxsi and E-commerce platform, to maximize its performance play. Hardware Web application firewall is the first choice for business, but due to the influence of experimental environment, this paper will not detailed introduction and analysis on it.