Publishing a web application opens up the threat of various application layer attacks. The attack can be performed on the exchange between clients and web servers. Attackers often consider them as easy targets. Web application firewall protects from these kinds of attacks which occur at layer 7.