WAF
StackPath’s cloud-based next-gen Web Application Firewall (WAF) provides your websites, web applications and APIs with the protection they need against known vulnerabilities and common exploits by applying sets of rules (policies) and behavioral analysis to incoming requests.
The StackPath WAF is designed to work out-of-the-box, as it includes pre-defined sets of protection policies, however, it also allows you to create customized sets of rules designed to filter traffic as desired. You can further analyze this traffic through our WAF’s built-in reporting system, which you can use to determine how to manage your policies and rules as needed.
StackPath’s WAF is composed of two parts:
| WAF Edge Nodes | Behavioral Components |
| WAF edge nodes help to validate traffic by applying various rule sets to incoming requests. After inspection is complete, these nodes are responsible for either blocking or allowing these requests, based on the analysis performed in the Behavioral Components portion. This feature is typical of a standard first-gen WAF. | The behavioral components of our WAF analyze incoming requests and determine the action the WAF edge nodes should perform against them. The addition of this deep analysis component is what separates a first-gen WAF from a next-gen. |
As you navigate through this Help Center, you will discover that StackPath’s WAF offers key features such as:
Categories
-
Setting up a WAF Instance on an Existing Site
Setting up a WAF Instance on a New Site
See all 5 articles -
Anti-Automation & Bot Protection
Behavioral WAF (Advanced Threat Detection)
See all 6 articles -
Adding API Endpoints to the StackPath WAF
Allowing and Blocking IP Addresses
See all 5 articles -
View and Understand DDoS Analytics
See all 5 articles -
WAF Professional and Enterprise Features
Advanced Rules | Rate Limitation
See all 6 articles -
WAF JavaScript Injection Explained
See all 3 articles -
Enabling and Troubleshooting Bot Protection
Troubleshooting 502 and 504 Errors
See all 3 articles -
WAF Security Advisories and Vulnerabilities
July 18, 2022 | Mitigating Apache Spark UI CVE-2022-33891
June 2, 2022 | Mitigating Confluence RCE CVE-2022-26134
May 18, 2022 | Mitigating VMWare Critical Vulnerabilities
See all 3 articles
Not finding what you need?
95% of questions can be answered using the search tool. This is the quickest way to get a response.