Web application firewall (WAF) helps to protect web applications (such as CMS) from website attacks (DDoS attacks, Cross-Site Forgery, Cross-Site-Scripting (XSS), File Inclusion, and SQL injection) by filtering and monitoring HTTP traffic between a web application and the Internet, it denies all the unwanted traffics that do not seem to be legitimate behavior, what makes our security harden is the firewall settings and Page rule on URL.