Web Application Firewall
The creoline WAF is currently in the closed beta phase. Setup is therefore only possible via our new customer center. Some features of the creoline WAF are only available to a limited extent due to active development.
Foreword
With the creoline WAF, we provide a highly available and dynamic web application firewall that is connected as a reverse proxy in front of your web server.
Functionality
The creoline WAF works as a reverse proxy in front of your web server and forwards incoming traffic directly to your server. The big advantage over conventional web application firewalls is that the entire decision process is handled before it reaches your server and our decision engine only needs 5 ms to make a decision, which also ensures optimum TTFB (Time To First Byte) for your web server.
Functions & plans
| Feature | Basic | Pro | Enterprise |
|---|---|---|---|
| Free (Beta) | €49.00 / month | €149.00 / month | |
| Origin Shielding | ✅ | ✅ | ✅ |
| Bot Protection | ✅ | ✅ | ✅ |
| AutoSSL | ✅ | ✅ | ✅ |
| Realtime-Threat-Protection | ✅ | ✅ | ✅ |
| Rate Limits | ✅ | ✅ | ✅ |
| Directory protection (Coming soon) | ✅ | ✅ | |
| User-defined rules (Coming soon) | ✅ | ✅ | |
| GEO Blocking (Coming soon) | ✅ | ✅ | |
| Waiting Rooms (Coming soon) | ✅ | ||
| Upstream Load Protection (Coming soon) | ✅ | ||
| Custom Challenge Page (Coming soon) | ✅ |
Features
Bot Protection
HTTP requests from bots are handled separately. Benign bots, such as the GoogleBot, are automatically allowed. Malicious bots are automatically blocked.
AutoSSL
Using the creoline WAF completely eliminates the need to issue and renew SSL certificates. The WAF automatically issues certificates for your domains and renews them automatically before they expire.
Realtime-Threat-Protection
Realtime Threat Protection automatically blocks common attacks such as path traversal, accessing hidden files, SQL injection and XSS attacks.
Rate limits
HTTP requests are categorized and assigned rate limits based on the category. A distinction is made in the standard between static and dynamic calls so that a targeted limit is possible.
Directory protection
You can use directory protection to protect certain paths of your web application separately. For example, the calling of paths such as /admin can be additionally protected.
User-defined rules
Create your own rules to automatically allow or block requests based on various criteria.
GEO Blocking
Block individual countries or entire continents with just a few clicks via the central administration interface.
Waiting Rooms
Large marketing campaigns no longer lead to a 504 gateway timeout. With our Waiting Room technology, the response time of your web application is measured in real time. If the response time falls below your desired value, additional visitors are automatically redirected to a waiting room.
Upstream Load Protection
With upstream load protection, you can protect your web server from large-scale attacks. If the average response time falls below a value defined by you, further requests are automatically rejected.
Custom Challenge Page
Design your own challenge page to display a logo of your company to visitors in the JavaScript challenge.