This paper presents a comprehensive framework designed to address the growing need for securing web-based platforms in today's digital age, where the internet is integral to everyday life. The increasing complexity of cyber threats necessitates advanced solutions, prompting the development of a robust framework that focuses on detecting and mitigating vulnerabilities within web applications. Specifically, this framework targets Cross-Site Scripting (XSS) vulnerabilities and inadequate HTTP header configurations, along with providing protection against SQL injection attacks. The proposed approach leverages state-of-the-art machine learning (ML) algorithms to enable proactive threat detection, enhancing the capability of organizations to identify and neutralize XSS attacks effectively. Furthermore, the framework incorporates real-time network protection mechanisms, exemplified by the integration of the pfSense firewall, to mitigate threats at the network level preemptively. This holistic approach to web security not only reinforces organizational resilience but also ensures compliance with regulatory standards and best practices, thereby reducing the risk of non-compliance and enhancing stakeholder trust. Overall, this framework represents a significant advancement in fortifying the security posture of web-based systems, enabling organizations to navigate the evolving threat landscape confidently and protect critical services and sensitive information.