A Web Application Firewall (WAF) protects websites from attacks, such as sql injection, XSS, CSRF, protocol violations as well as application specific vulnerabilities. Our enterprise WAF sits on the EDGE between the internet and your server stopping attacks before they reach you.
Choose rulesets from OWASP, Trustwave and Atomic, easily customise sets to remove specific rules to stop false positives for your application.
Apply industry leading block lists to automatically stop requests from IPs with bad reputations, stop forum spammers, bots, active attackers, tor users and more. Manage your own whitelist/blacklist, control access from individual IPs, subnets or even whole countries.
Our WAF is integrated into our CDN/Optimisation platform meaning there are no external calls and all checks are done in process resulting in less than 5ms latency to requests with instant global propagation of changes.
Specify limits on page views from individuals within a specified frame before blocking them. Perfect for stopping crawlers ori brute force attacks on log in pages before they get to your site.
Customise the WAF with application specific software, eg Magento, Wordpress to enable virtual patching. This means your site is protected against the latest threats even if you aren't up to date.
Run the WAF in warn only mode to generate events but not actually block end users, this allows you to train the WAF to reduce false positives.
Full logs of events triggered by the WAF with full request headers and matching rules.
Get all features on our cheapest plans.