Web Application Firewall
Foreword
With the creoline WAF, we provide a highly available and dynamic web application firewall.
Functionality
The creoline WAF works as a reverse proxy in front of your website and forwards incoming traffic directly to your server. The big advantage over conventional web application firewalls is that the entire decision-making process is handled before it reaches your server.
Features
Bot Protection
HTTP requests from bots are handled separately. Benign bots, such as the GoogleBot, are automatically allowed. Malicious bots are automatically blocked.
AutoSSL
Using the creoline WAF completely eliminates the need to issue and renew SSL certificates. The WAF automatically issues certificates for your domains and renews them automatically before they expire.
Realtime-Threat-Protection
Realtime Threat Protection automatically blocks common attacks such as path traversal, accessing hidden files, SQL injection and XSS attacks.
Rate limits
HTTP requests are categorized and rate-limited based on the category.
Directory protection
You can use directory protection to protect certain paths of your web application separately. For example, the calling of paths such as /admin can be additionally protected.
User-defined rules
Create your own rules to automatically allow or block certain types of requests.
GEO Blocking
Block individual countries or entire continents with just a few clicks via the central administration interface.
Waiting Rooms
Large marketing campaigns no longer lead to a 504 gateway timeout. With our Waiting Room technology, the response time of your web application is measured in real time. If the response time falls below your desired value, additional visitors are automatically redirected to a waiting room.
Upstream Load Protection
With upstream load protection, you can protect your web server from large-scale attacks. If the average response time falls below a value defined by you, further requests are automatically rejected.
Custom Challenge Page
Design your own challenge page to display a logo of your company to visitors in the JavaScript challenge.