Command & Code: Web Firewall

Block XSS, SQL injection, and trackers with real-time analytics. Privacy-first local-only protection for secure browsing.

PROTECT YOUR BROWSING WITH ENTERPRISE-GRADE SECURITY Web Firewall Extension brings professional-grade web security to your browser, protecting you from XSS attacks, SQL injection, malicious scripts, and invasive tracking—all while respecting your privacy with 100% local-only processing. Developed by Command & Code Labs, a leader in browser security innovation, this extension empowers users to take control of their online safety without compromising performance or privacy. THE THREATS YOU FACE DAILY Every time you browse the web, you're exposed to: • CROSS-SITE SCRIPTING (XSS): Malicious scripts injected into legitimate websites that steal your passwords, session tokens, and personal data • SQL INJECTION: Attackers manipulating database queries through URL parameters to breach website security • TRACKING & ANALYTICS: Hidden scripts that follow you across the web, building detailed profiles of your browsing habits • MALICIOUS REDIRECTS: Fake JavaScript and data URLs designed to hijack your browser and execute harmful code • COOKIE THEFT: Unauthorized access to your browser storage, exposing login credentials and sensitive information Traditional security solutions can't catch everything. Antivirus software stops downloads, but not web-based attacks. Ad blockers focus on ads, not security. You need specialized protection designed specifically for modern web threats. HOW WEB FIREWALL PROTECTS YOU Web Firewall acts as your personal security guard, inspecting every web request before it reaches your browser: 1️⃣ REAL-TIME THREAT BLOCKING • Analyzes URLs, scripts, and resources in milliseconds • Blocks malicious content before it can execute • Uses Chrome's native Declarative Net Request API for zero performance impact 2️⃣ INTELLIGENT SECURITY MODES • Balanced Protection: Daily browsing security that doesn't break websites • Maximum Security: Enhanced protection for high-risk environments • Custom Rules: Power users can create their own advanced filters 3️⃣ COMPREHENSIVE THREAT COVERAGE • XSS Prevention: Blocks script injection attacks (javascript:, data: URLs, inline scripts) • SQL Injection Defense: Stops database manipulation attempts (UNION SELECT, OR '1'='1') • Tracking Protection: Eliminates Google Analytics, tracking pixels, and data brokers • Admin Path Security: Prevents accidental exposure to sensitive admin interfaces • Browser Storage Protection: Guards your cookies, localStorage, and sessionStorage 4️⃣ PRIVACY-FIRST ARCHITECTURE • 100% local processing—no data ever leaves your device • No cloud connections, no external servers, no data collection • Telemetry stored locally only, fully under your control • Export your security data anytime in JSON or CSV format REAL-TIME ANALYTICS DASHBOARD Unlike other security tools that work silently in the background, Web Firewall gives you complete visibility into your protection: • Live threat counter on your toolbar badge—see exactly how many attacks we've blocked • Detailed analytics page showing: ✓ Total blocked requests with timestamps ✓ Top blocked domains (analytics trackers, malicious sites) ✓ Most active security rules and their effectiveness ✓ Chronological log of every blocked threat with full details • Export capabilities for security analysis and reporting • Rule ID tooltips—hover over any rule to understand what it blocked and why ADAPTIVE SECURITY MODES Choose the perfect balance between security and usability: BALANCED PROTECTION MODE (Recommended) Perfect for everyday browsing. Blocks: • All XSS attacks (javascript:, data: URLs, script injection) • SQL injection attempts • Analytics and tracking scripts (Google Analytics, Facebook Pixel, etc.) • Malicious URL patterns MAXIMUM SECURITY MODE For high-risk environments like public Wi-Fi or untrusted networks. Adds: • Browser storage access blocking (prevents cookie theft) • Admin path protection (blocks /wp-admin, /phpmyadmin access) • Enhanced XSS detection with paranoid-level pattern matching • Additional malicious script prevention CUSTOM RULES MODE Power users can create sophisticated filtering rules: • JSON-based rule configuration • Support for regex patterns and complex conditions • Filter by resource type (scripts, images, frames, etc.) • Domain allowlists and blocklists • Professional-grade declarative syntax INTELLIGENT RULE SYSTEM Every blocked request is tagged with a Rule ID that tells you exactly what happened: • Rule 10001: JavaScript URL Protocol—blocked javascript: XSS attempt • Rule 10002: Data URL Protocol—stopped malicious data: URI • Rule 10010: XSS Patterns—caught script injection in URL parameters • Rule 10020: SQL Injection—prevented database attack • Rule 10030: Analytics/Tracking—blocked tracking script • Rules 80000+: Dynamic runtime protection rules • Rules 55000+: Your custom user-defined rules Hover over any Rule ID in the analytics dashboard to see a detailed explanation with examples—perfect for learning about web security! ZERO PERFORMANCE IMPACT Built on Chrome's native Declarative Net Request API, Web Firewall delivers: • Instant filtering with no page load delays • Minimal memory footprint (under 5MB) • No CPU overhead—filtering happens in Chrome's optimized engine • Efficient telemetry with smart data aggregation • Scales to thousands of rules without slowdown WHO SHOULD INSTALL WEB FIREWALL? ✅ PRIVACY-CONSCIOUS USERS If you're concerned about online tracking and data collection, Web Firewall blocks analytics scripts, tracking pixels, and third-party data brokers—all while keeping your browsing data completely private. ✅ SECURITY PROFESSIONALS IT professionals, security researchers, and developers need visibility into web threats. Our detailed analytics, rule customization, and export features give you the tools to analyze and respond to attacks. ✅ REMOTE WORKERS & TRAVELERS Public Wi-Fi at coffee shops, airports, and hotels is notoriously insecure. Maximum Security mode protects you from man-in-the-middle attacks, cookie theft, and malicious injections on untrusted networks. ✅ STUDENTS & EDUCATORS Educational institutions are common targets for cyberattacks. Web Firewall provides an additional layer of security when accessing academic resources, research databases, and online learning platforms. ✅ EVERYDAY INTERNET USERS You don't need to be a security expert to benefit from protection. Balanced mode works automatically, blocking threats you didn't even know existed while letting you browse normally. ✅ DEVELOPERS & TESTERS Test your web applications against common attack vectors. Use custom rules to simulate different security scenarios and validate your own web security implementations. REAL-WORLD PROTECTION SCENARIOS BROWSING NEWS SITES Major news websites load dozens of analytics and tracking scripts. Web Firewall blocks: • Google Analytics tracking your reading habits • Facebook Pixel building your interest profile • Third-party ad networks collecting your data Result: You read the news privately, without being tracked across the web. ONLINE SHOPPING E-commerce sites often have vulnerabilities that attackers exploit. Web Firewall prevents: • XSS attacks that steal your payment information • Cookie theft that hijacks your shopping session • Malicious redirects to fake checkout pages Result: Your shopping experience is secure and your payment data stays protected. WORKING REMOTELY When you connect to company resources from public Wi-Fi, Web Firewall provides: • Protection against man-in-the-middle attacks • Blocking of malicious injection attempts on untrusted networks • Prevention of browser storage theft (cookies, session tokens) Result: Your work credentials and company data remain secure, even on risky networks. EXPLORING NEW WEBSITES Visiting unfamiliar sites carries risk. Web Firewall guards against: • Drive-by download attempts via javascript: URLs • SQL injection attacks through URL parameters • Malicious scripts embedded in legitimate-looking content Result: You can explore the web confidently, knowing dangerous content is automatically blocked. SIMPLE SETUP, POWERFUL PROTECTION Getting started takes just 30 seconds: 1️⃣ INSTALL THE EXTENSION Click "Add to Chrome" and pin it to your toolbar 2️⃣ CHOOSE YOUR SECURITY MODE • Start with Balanced Protection (recommended) • Upgrade to Maximum Security for high-risk environments • Create custom rules if you have specific needs 3️⃣ BROWSE NORMALLY Web Firewall works silently in the background, blocking threats automatically 4️⃣ CHECK YOUR ANALYTICS (OPTIONAL) Click the extension icon → Analytics to see what we've blocked Watch your protection statistics grow as you browse That's it! No complicated configuration, no technical expertise required. Web Firewall protects you from the moment you install it. PRIVACY COMMITMENT YOUR DATA NEVER LEAVES YOUR DEVICE Many security extensions send your browsing data to cloud servers "for analysis." We don't. Here's our guarantee: ❌ NO DATA COLLECTION We don't collect your browsing history, blocked URLs, or any personal information. ❌ NO CLOUD SERVERS All filtering happens locally in Chrome using native APIs. No external connections. ❌ NO THIRD-PARTY SHARING Your security data is yours alone. We never share, sell, or transmit it. ✅ LOCAL-ONLY STORAGE Telemetry is stored in Chrome's local storage, accessible only to you. ✅ FULL CONTROL Export your data anytime. Clear it with one click. Complete transparency. ✅ OPEN DOCUMENTATION Our privacy policy is clear, detailed, and written in plain language. This isn't just a feature—it's our core principle. Security and privacy go hand in hand.