At this time Internet services have become a necessity no longer to provide information services, but have become important so there are many cases of websites being hacked by attackers, for that network security is very important to avoid theft of important data Security in a web application is a important aspect to have. Securing a web application can be done by installing a firewall that is connected directly to the server network. Security for a web application usually uses a web application firewall installed on a web server. To overcome a security problem in Web Applications and minimize losses caused by SQL Injection and XSS attacks, we need a way to overcome these attacks. Several security measures have been used, such as the use of fortiweb to set the traffic destination for a web application. In this study, we will use a Web Application Firewall (WAF) device. Because it can protect Web applications from existing malware attacks and zero day malware. This final project will implement a Web Application Firewall (WAF). By way of device configuration and will use DVWA for malware testing. The technology that will be used to monitor malware logs will use VMware. From the results of testing a web application firewall, it is hoped that it can implement and prevent various malware attacks that attack web applications and can monitor the logs of an attacking malware.