Web Application Firewall
Create a service request Ask the community
![]() |
![]() |
||
Overview of Web Application Firewall | Getting Started | ||
Get a high-level overview of the WAF service. |
Follow a guided journey to set up WAF. |
Features
See Origin Management for more information.
Bot Management enables you to mitigate undesired bot traffic from your site using CAPTCHA and JavaScript detection tools, while enabling known published bot providers to bypass these controls.
Non-human traffic makes up most of the traffic to sites. Bot Manager is designed to detect and block, or otherwise direct, non-human traffic that may interfere with site operations. The Bot Manager features mitigate bots that conduct content and price scraping, vulnerability scanning, comment spam, brute force attacks, and application-layer DDoS attacks. You can also allowlist good bots.
See Bot Management for more information.
See WAF Protection Rules for more information.
As a WAF administrator you can define explicit actions for requests that meet various conditions. Conditions use various operations and regular expressions. A rule action can be set to log and allow, detect, block, redirect, bypass, or show a CAPTCHA for all matched requests. You can also use the IP Whitelist tab to manage whitelists containing trusted IP addresses that bypass all rules and challenges.
See Access Control for more information.
See Caching Rules for more information.