A Web Application Firewall (WAF) protects websites from attacks, such as SQL injection, XSS, CSRF, protocol violations and application specific vulnerabilities. Our enterprise WAF sits on the EDGE between the internet and your server stopping attacks before they reach you.
The Peakhour Advantage
Industry Leading Rulesets
Choose rulesets from OWASP, Trustwave and Atomic. Easily customise sets to remove specific rules to stop false positives for your application.
Industry Standard Blocklists
Apply industry leading block lists to automatically stop requests from IPs with bad reputations, stop forum spammers, bots, active attackers, tor users and more. Manage your own whitelist/blacklist, control access from individual IPs, subnets or even whole countries.
Our WAF is integrated into our CDN and optimisation platform, eliminating external calls and performing all checks in process. Less than 5ms latency is added to requests and changes are propagated instantly globally.
Specify limits on page views from individuals within a specified frame before blocking them. Perfect for stopping crawlers or brute force attacks on log in pages before they get to your site.
Application Virtual Patching
Customise the WAF with application specific software, eg Magento, Wordpress to enable virtual patching. This means your site is protected against the latest threats, even if you aren't up to date.
Run the WAF in warn only mode to generate events but not actually block end users, this allows you to train the WAF to reduce false positives.
Full logs of events triggered by the WAF with full request headers and matching rules.
Complete Feature Set
Get all our performance and security features across all our plans.