Uncommon protection from common threats
Prevent hackers from exploiting your website and applications—without getting the web developers involved.
Hacker Prevention
Our Web Application Firewall intercepts traffic to your servers using a reverse proxy with dual scanning engines and attack pattern recognition.
- Protects your web servers from tampering and hacking attempts
- Secures web applications against over 350 different attack patterns
- Stops attacks including SQL injection, cross-site scripting, directory traversal and malicious uploads
Server Hardening
Guards against the exploitation of vulnerabilities in your web applications and closes the door on hackers attempting to exploit your site
- URL hardening prevents hackers from manually constructing “deep-links” that lead to unauthorized access
- Form hardening ensures malicious scripts and code cannot be entered to exploit your database
- Cookie protection makes sure your cookies are signed to prevent tampering
Convenient profiles
With Sophos, you don’t need any special training to setup your web application firewall. We provide a clear administrative interface that provides powerful customization. No expertise needed.
Active web servers in your network are automatically located and the UTM prefills configuration to ensure instant protection. Get support for multiple profiles, including predefined profiles for Microsoft Outlook Web Access (OWA). Apply these to different servers with granular options to skip or enforce different checks as needed.

Complete visibility
The dashboard instantly shows you the status and activity of your Webserver Protection. Better understand the threat you’re facing using detailed logging and reporting, and analysis of transactions and attacks.
You get a full transaction log of all activity in readable format. Daily activity reports and usage graphs are available on-box without the need for separate reporting products.
Visual reporting charts clearly identify spikes and deviations and can export reporting data to CSV or PDF if required.
Flexible routing
Quickly process and intelligently modify all web server communication. Identify and block all hacking attempts.
- Integrated load balancer spreads visitors across multiple servers
- Site-path routing directs specific paths on the site to desired physical machine(s)
- Quick server switch allows easy maintenance


Simple Management
At Sophos, simplicity is our mantra. You’ll have complete control over all the security features you need all in one place, with none of the complexity.
We’ve invested heavily in streamlining our interface. This way you won’t have to reach for the manual every time you need to update a policy or change a setting. So you’re never more than a couple clicks from completing your task.
Flexible deployment
Our Web Application Firewall is part of Sophos UTM. You can deploy it separately or as part of a complete security solution, from the network firewall to endpoint antivirus.
- Install as hardware, software or a virtual appliance or even in the cloud
- License our protection modules individually. Or, you can choose one of our pre-packaged licenses
- Centrally manage multiple appliances through IPsec VPN tunnels with our Free UTM Manager
