Sits between web requests and the web server with its primary purpose being to protect the webserver from hacking or denial of server (DOS) attacks. Analyzes web traffic for common attack techniques, if the request is from a real browser or from a bot. Checks for excess web requests utilizing **rate limiting** which only allows a set number of requests from a single IP address per second.