Cloud-Based WAF Security | Web Application Firewall

Protect your apps from OWASP Top-10 threats and targeted attacks — without slowing down or losing availability.

By signing up you agree to the Terms of Service.

What is WAF?

A WAF is a firewall built for web applications. It sits between the user and your site, inspecting every request and letting only safe traffic through.

Suspicious attempts — like SQL injections or malicious scripts — get blocked, keeping your data secure and your site running smoothly.

ssl5
icon_40x40_security
Attack Blocking

The system analyzes incoming traffic and blocks malicious requests before they ever reach your application.

icon_40x40_exp1
CDN-Only

WAF can be enabled in just a few clicks from the control panel—no complex setup required—and it works seamlessly with CDN.

icon_40x40_admin_access
Flexible Billing

Billing is based on every 10,000 requests, so you never overpay for unused capacity.

How to enable WAF in Serverspace?

No complicated setup—just a couple of clicks and the CDN-powered WAF shields your product from web threats.

icon_100x100_join
Create Account

Signing up in the Serverspace control panel takes just 20 seconds — all you need is your email address.

icon_100x100_development
Add your link

In the left sidebar under CDN, select WAF and add the link to your website or web application.

100x100_dns_icon
Apply

Congrats—your site is now protected from 99.9% of web threats. You’re all set to keep working.

Benefits of WAF in Serverspace

icon_40x40_Cloud
Instant Management

Turn attack protection on or off right from the interface — no complicated setup required.

icon_40x40_Features
Flexible Operation

You can choose between detection-only mode (logging) or full blocking of suspicious requests.

icon_40x40_Docs
Audit Transparency

Log storage and a detailed incident journal for analysis and compliance with security requirements.

icon_40x40_growth
Auto Rule Updates

New signatures and policies are updated without service downtime, ensuring your protection stays up to date.

WAF is the solution for you if:

icon_100x100_get_money

E-commerce

WAF protects checkout forms and customer accounts from hacks and data theft.

It monitors requests to shopping carts, payment forms, and user dashboards, blocking attempts to inject malicious code or steal card details—reducing the risk of fraud and data leaks.

icon_100x100_payment

Fintech & Banking

Helps meet PCI DSS requirements and blocks attacks on online services.

WAF inspects all traffic for vulnerabilities, protecting online banking and APIs from SQL injections and XSS. This makes PCI DSS audits easier and helps maintain customer trust.

icon_100x100_support

Public Sector & Education

Prevents leaks of personal data from students and citizens.

Services with user accounts and databases of students or citizens are protected from unauthorized access. WAF stops large-scale data breaches and attacks on public portals.

icon_100x100_Support

SaaS Platforms

Ensures service stability, API protection, and SLA compliance.

WAF filters requests to APIs, login modules, and the control panel. It reduces the load from bots and scanners, helping maintain SLAs and keep services running smoothly.

Pay only for what you protect

Billing in Serverspace WAF is fully transparent: charges are based on every 10,000 requests, eliminating overpayment and scaling seamlessly as your traffic grows.

Common Questions

Why is WAF only available with CDN?

In Serverspace, WAF operates at the content delivery network (CDN) level. This setup filters traffic before it ever reaches your server, reducing infrastructure load. By working in tandem with CDN, protection against SQL injections, XSS, and other OWASP threats becomes highly effective: malicious requests are blocked at the edge, while users enjoy fast and secure access to your applications.

How is WAF billed in Serverspace?

Billing in Serverspace WAF is fully transparent: charges apply for every 10,000 requests processed through the filtering system.

This model gives you precise cost control with no overpayment for unused bundles. As your project traffic grows, the billing scales right along with it.

How is WAF different from DDoS protection?

DDoS protection blocks large-scale network attacks that overload servers, while WAF inspects every HTTP/HTTPS request to defend applications against OWASP Top-10 threats like SQL injections, XSS, API attacks, and data leaks. The best results come from using both services together. For complete website security, you can enable WAF in Serverspace alongside DDoS filtering.

Where can I activate the service?

WAF is available right in the Serverspace control panel under the CDN section. Setup takes just seconds and requires no extra software. Simply open the interface, click “Enable WAF”, and protection starts automatically.