Last updated: 2026-03-16

What is a Firewall?

Definition

A firewall is a security system that monitors and controls incoming and outgoing network traffic based on predetermined rules. In web hosting, firewalls protect your server from unauthorised access, hacking attempts, malware, and malicious traffic. Web Application Firewalls (WAFs) specifically protect websites from common attacks like SQL injection and cross-site scripting.

Why It Matters

  • First line of defence against hacking attempts
  • Blocks malicious traffic before it reaches your site
  • Prevents data breaches and unauthorised access
  • WAFs protect against common web vulnerabilities
  • Essential for meeting security compliance standards

How It Works

Firewalls sit between your server and the internet, inspecting every incoming request. Network firewalls filter traffic by IP address, port, and protocol. Web Application Firewalls (WAFs) go deeper, examining HTTP request content for malicious patterns like SQL injection, XSS attacks, and file inclusion exploits. When suspicious traffic is detected, the firewall blocks it while allowing legitimate visitors through. Rules can be customised and are constantly updated to address new threats.
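
As an added illustration (not code from this page or from any host or WAF vendor), the two layers described above can be sketched in Python: a first-match network rule list with default deny, followed by content inspection of the decoded HTTP request. The rule entries, signatures, and function names are hypothetical and far simpler than a production rule set.

```python
import ipaddress
import re
from urllib.parse import unquote_plus

# Network-layer rules (constructed): first match wins, unmatched traffic is dropped.
NETWORK_RULES = [
    ("deny",  "203.0.113.0/24",  "tcp", None),  # blocklisted range, any port
    ("allow", "0.0.0.0/0",       "tcp", 443),   # HTTPS from anywhere
    ("allow", "198.51.100.7/32", "tcp", 22),    # SSH from one admin address
]

# Application-layer (WAF) signatures, deliberately simplified for illustration.
WAF_SIGNATURES = {
    "sql_injection":  re.compile(r"\bunion\b.+\bselect\b|'\s*or\s+'?\d+'?\s*=\s*'?\d+", re.I),
    "xss":            re.compile(r"<\s*script\b|\bon\w+\s*=", re.I),
    "file_inclusion": re.compile(r"\.\./|\.\.\\"),
}

def network_verdict(src_ip, proto, dst_port):
    """Return 'allow' or 'deny' using only IP address, protocol and port."""
    addr = ipaddress.ip_address(src_ip)
    for action, net, rule_proto, rule_port in NETWORK_RULES:
        if (addr in ipaddress.ip_network(net) and proto == rule_proto
                and rule_port in (None, dst_port)):
            return action
    return "deny"

def waf_verdict(path_and_query, body=""):
    """Return the name of the first matching signature, or None if clean."""
    # Decode percent-encoding first so encoded content is inspected as text.
    text = unquote_plus(path_and_query) + "\n" + unquote_plus(body)
    for name, pattern in WAF_SIGNATURES.items():
        if pattern.search(text):
            return name
    return None

def inspect(src_ip, proto, dst_port, path_and_query, body=""):
    """Run both layers in the order a request meets them."""
    if network_verdict(src_ip, proto, dst_port) == "deny":
        return "blocked:network"
    hit = waf_verdict(path_and_query, body)
    return f"blocked:waf:{hit}" if hit else "allowed"

if __name__ == "__main__":
    # Constructed requests: one clean, one with a percent-encoded script tag.
    for path in ("/blog?page=2", "/search?q=%3Cscript%3Ex%3C%2Fscript%3E"):
        print(path, "->", inspect("192.0.2.10", "tcp", 443, path))
```

A harmless comment body such as text=the+union+will+select+a+chair also trips the sql_injection signature, which is the false-positive behaviour listed under Disadvantages below.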

Pros & Cons

Advantages

  • Blocks attacks before they reach your application
  • Reduces server load from malicious traffic
  • Protects against known vulnerabilities
  • Can be managed or automated by your host
  • Logs provide valuable security intelligence

Disadvantages

  • Can occasionally block legitimate traffic (false positives)
  • Advanced WAFs can be expensive
  • Misconfigured rules may break functionality
  • Not a complete security solution on its own
  • Some attacks bypass basic firewalls

Common Misconceptions

  • A firewall makes you completely secure (It's one layer of many)
  • All firewalls are the same (Network vs. application firewalls serve different purposes)
  • Free firewalls are adequate (Paid WAFs offer significantly better protection)
  • Firewalls slow down websites (Modern firewalls add negligible latency)

Do You Need a Firewall? Checklist

Consider a firewall if any of these apply to you:

  • Your host provides server-level firewall protection
  • A WAF is active for your website
  • Firewall rules are regularly updated
  • You've reviewed firewall logs for suspicious activity
  • Custom rules are configured if needed
  • False positive handling is in place

Recommended Hosts for Firewall Protection

Kinsta

Google Cloud Armor WAF with enterprise-grade protection

SiteGround

Custom WAF with AI-driven threat detection

Frequently Asked Questions

What is the difference between a firewall and a WAF?
A network firewall filters traffic by IP, port, and protocol—blocking unwanted connections. A Web Application Firewall (WAF) inspects HTTP traffic content, blocking specific attack patterns like SQL injection. Most hosting security uses both layers together.

Do I need a firewall if my host provides one?
Host firewalls protect the server infrastructure. Adding a WAF (like Cloudflare or Sucuri) provides application-level protection. For WordPress, security plugins like Wordfence add another layer. Multiple layers offer the best protection.

Does Cloudflare act as a firewall?
Yes. Cloudflare's free plan includes basic WAF protection. Their paid plans offer advanced WAF with OWASP rule sets, custom rules, and bot management. Cloudflare sits between visitors and your server, filtering traffic before it reaches your host.

Can a firewall block legitimate users?
Occasionally, yes. Aggressive rules might block legitimate requests (false positives). This is more common with strict rate limiting or geo-blocking. Good WAFs let you whitelist IPs and tune rules to minimise false positives.

What is a WAF rule set?
Rule sets are collections of security rules that define what traffic patterns to block. OWASP Core Rule Set is the industry standard, covering common attacks. Hosts like SiteGround create custom rule sets based on their threat intelligence.

How do I know if my firewall is working?
Check firewall logs in your hosting panel or security plugin. Look for blocked requests and attack patterns. You can test with security scanning tools like Sucuri SiteCheck or use penetration testing services. Regular monitoring is important.

What attacks does a WAF prevent?
Common attacks blocked: SQL injection (database manipulation), XSS (cross-site scripting), CSRF (cross-site request forgery), file inclusion exploits, brute force login attempts, and bot attacks. Good WAFs update rules as new vulnerabilities emerge.