Web Application Firewall

A Web Application Firewall is a reverse proxy that protects HTTP applications from a variety of malicious attacks, such as cross site scripting (XSS) and SQL injection.

Protect your business with the most complete WAF offering at the Edge.

section.io offers multiple WAF options for your Edge PaaS, including rules-based WAFs and modern intelligent WAFs currently protecting some of the world’s largest web applications.


Keep your business up and running.

Attacks on HTTP applications are now incredibly common and increasingly sophisticated. By adding a WAF to your Edge PaaS, you can prevent your site from being taken offline by malicious attacks while protecting your revenue and customer experience.

IP blocking

Protect your data.

Many HTTP application attacks are designed to steal sensitive information about your business or customers. With the right WAF, you can protect your application from known vulnerabilities and mitigate attacks when they do occur.

website performance

Protect your brand reputation.

Brand reputation can be severely tarnished by a hack or DDOS attack, damaging trust with your customers and impacting revenue. Bots are responsible for web scraping and fraud which can further erode your standing in the market. An effective WAF can stop these bots and attacks in their tracks and keep your brand reputation intact.


Free up engineering resources.

Modern WAFs no longer require constant maintenance and rules writing from your engineering team to be effective. Free up your engineering resources by implementing a modern “learning” WAF that can recognize threats automatically through machine learning and algorithms.

section.io offers the most powerful WAFs available.

The Web Application Firewall industry is innovating rapidly with powerful new solutions hitting the market each year. With section.io, you can take advantage of the latest advancements in WAF technology without the risk of locking yourself into an outdated technology. With several of the industry’s best WAF’s available in our reverse proxy library, you will never have to compromise and securing the best security solution for you application. Learn more aboutThreat X Intelligent WAF, Signal Sciences Web Protection Platform, and open-source WAF ModSecurity.

Setting up a WAF on section.io is incredibly simple, and you get the added benefit of network layer DDOS protection by deploying the WAF on a distributed network. By using section.io as your Edge PaaS, you also get the ability to run your WAF in your development environment for testing, and comprehensive access to DevOps logs and metrics to keep an eye on what is going on at the edge.

Talk to a Developer

Web Application Firewall: Technical Details

Getting started with a WAF on section.io starts with deciding which technology fits best with your application. Regardless of the WAF you choose, it will be seamlessly integrated into the section.io platform with enough flexibility to choose where in the edge stack it is deployed.

For the open-source rules based WAF, you will have full control of the configuration with no limits on the number of rules used for blocking threats. You will have full access to logs, metrics, and monitoring at the edge to help you fine-tune your blocking rules to ensure you are keeping your application protected.

The process for implementing the intelligent WAFs varies depending on the choice of software, but can include two phases: baselining and blocking. Once the WAF is added to your edge stack, it will go into baselining mode where it develops a traffic profile for your website. Once enough data has been collected, the WAF moves into the blocking phase where it will automatically identify threats and block them accordingly.

Threat X    Signal Sciences    ModSecurity