Does Acunetix detect if a Target website is behind a web application firewall?
The use of a Web Application Firewall to protect web applications is very often considered a best practice. However, by the very nature of what WAFs are designed to do, they interfere with the scans made by Acunetix. Because of this, when Acunetix scans your Target website, it analyzes the responses to identify whether the Target is protected by a web application firewall and reports this as an informational alert.
🔍 Acunetix Scans - Targets with & without WAFs |
To get a true understanding of the robustness of your web application, you should arrange to have a staging version of the Target web application that is NOT protected by a WAF. |
Acunetix can detect the following WAFs:
360WangZhanBao | dotDefender | Profense |
Accenture ZScaler | DynamicWeb | Radware AppWall |
aeSecure | eEye SecureIIS | Reblaze |
Airlock | ExpressionEngine | RSFirewall! |
Akamai Kona Site Defender | F5 FirePass | Sabre WAF |
Alert Logic WAF | F5 Traffic Shield | Safe3 WAF |
Aliyundun | FortiWeb | SafeDog |
Anquanbao | GoDaddy Website Protection | Sakura SiteGuard |
AnYu Technologies WAF | Greywizard | Sitelock TrueShield |
Approach | HyperGuard | SonicWall |
Armor Defense | IBM DataPower | Sophos UTM |
ASP.NET RequestValidation | IBM Proventia | StackPath |
ASP.NET URLScan | iFinity URLMaster | Sucuri |
Astra Protection | Imperva SecureSphere | Tencent Cloud WAF |
Barikode | Imunify360 | Teros/Citrix Application Firewall Enterprise |
Barracuda | Incapsula WAF | USP Secure Entry Server |
Barracuda NetContinuum | Instart DX | Verizon Edgecast |
Bekchy | ISA Server | Viettel WAF |
BinarySec | Janusec | VirusDie |
BitNinja | Jiasule | Wallarm WAF |
BlockDoS | KnownSec KS-WAF | WatchGuard |
Bluedon | Malcare | WebARX |
CacheWall | Mission Control Application Shield | WebKnight |
CdnNs WAF | ModSecurity | WebSEAL |
ChinaCache CDN | Naxsi | WebTotem |
Chuang Yu Shield | Nemesida | Wordfence |
Cisco ACE XML Gateway | Neusoft SEnginx | WTS-WAF |
Citrix Netscaler | NevisProxy | XLabs Security |
Cloudbric | NewDefend | Xuanwudun |
Cloudflare WAF | Nexusguard WAF | Yunaq Chuangyu |
Cloudfront | NinTechNet NinjaFirewall | Yundun |
Comodo cWatch | NSFocus | Yunjiasu CDN (Baidu) |
CrawlProtect | Palo Alto Next-Generation Firewall | Yunsuo |
Distil | PerimeterX | Zenedge |
DOSarrest | pkSecurityModule IDS | ZScaler |