Prophaze WAF can prevent session fixation attacks by the following ways

• Prevents attackers to hijack a valid session

• Blocks setting cookie values with in html

• Blocks session parameter with off-domain referrer

• sessid parameter with no referrer