WAF - Web application firewall

WAF allows you to define specific rules which dictate how WebSonic.io should respond to the requests. Based on your configuration, WebSonic.io either allows access to your content or returns with a 403 (Forbidden) or 429 (Too many requests) HTTP status code.

How to enable WAF?

Go to WAF - Web application firewall section in the configuration editor and enable the WAF. Now all requests are evaluated by WAF to check if access to the content should be granted or not.

1ms processing time All the rules in a WAF are evaluated in 1ms and enabling the WAF does not increases the TTFB for your requests.

Restricting which HTTP methods should work

By default, WebSonic.io supports GET, HEAD, POST, PUT, DELETE, OPTIONS and PATCH HTTP methods. However, you can control which HTTP methods should work under general settings in the WAF section.

Advance security settings 🔐

Advance security provides protection against common exploits and vulnerabilities. Following attacks are covered:

  1. Web Shell

Advance security settings

Scan payload body for detection and blocking attacks

By default request body is not scanned for attacks. You can choose to turn on this scanning for additional security.