We protect your projects from OWASP Top 10 and targeted attacks without compromising speed or availability.
Quick
start
Easy
to rent
GDPR
compliance
WAF is a web application firewall. It sits between the user and your site, inspecting every request and allowing only safe traffic through.
Suspicious attempts - such as SQL injections or malicious scripts - are blocked. This keeps your data secure and your website running smoothly.
The system analyzes incoming traffic and blocks malicious requests before they ever reach your application.
WAF can be enabled in just a few clicks in the control panel, with no complex setup, and is available together with CDN.
Charges apply for every 10,000 requests, avoiding overpayment for unused ones.
No complex setup - just a couple of clicks and the CDN-based WAF protects your product from web threats.
Signing up in the Serverspace control panel takes just 20 seconds. All you need is an email address.
In the left sidebar, go to the CDN section, select WAF, and attach the link to your website or web application.
Congratulations! Your website is now protected from 99.9% of web threats. You can continue working safely.
Enable or disable attack protection directly in the interface with no complex setup.
You can choose between detection only (logging) or full blocking of suspicious requests.
Log storage and a detailed incident journal for analysis and compliance with security requirements.
New signatures and policies are applied without service downtime, ensuring up-to-date protection at all times.
WAF protects payment forms and customer accounts from hacking and data theft.
It monitors requests to shopping carts, payment forms, and personal accounts. By blocking attempts to inject malicious code or intercept card data, it reduces the risk of fraud and leaks.
Helps meet PCI DSS requirements and blocks attacks on online services.
WAF inspects all traffic for vulnerabilities, protecting online banking and APIs from SQL injections and XSS. This supports PCI DSS audits and maintains customer trust.
Prevents leaks of personal data of students and citizens.
Services with personal accounts and databases of students or citizens are protected from unauthorized access. WAF stops large-scale data leaks and attacks on portals.
Ensures service stability, API protection, and SLA compliance for clients.
WAF filters requests to APIs, authorization modules, and control panels. It reduces the load from bots and hacker scanners, helping maintain SLAs and stable service performance.
To enable WAF, your website must be connected to CDN. In the site settings, activating WAF takes just a couple of clicks.
Serverspace WAF offers transparent billing: charges apply for every 10,000 requests, preventing overpayment and scaling alongside your traffic growth.
Why is WAF only available with CDN?
In Serverspace, WAF operates at the content delivery network (CDN) level. This approach filters traffic before it reaches your server, reducing infrastructure load. Combined with CDN, protection against SQL injections, XSS, and other OWASP threats becomes highly effective: malicious requests are blocked at the perimeter, while users enjoy fast and secure access to applications.
How is WAF billed in Serverspace?
Serverspace WAF uses fully transparent billing: charges apply for every 10,000 requests passing through the filtering system.
This model gives you precise cost control without overpaying for unused packages. As your project traffic grows, payments scale automatically, keeping the balance between security and budget.
What makes WAF different from DDoS protection?
DDoS protection blocks large-scale network attacks that overload servers, while WAF analyzes each HTTP/HTTPS request to safeguard applications from OWASP Top 10 threats such as SQL injections, XSS, API attacks, and data leaks. The best results come from using both services together. For comprehensive protection, you can enable WAF in Serverspace along with DDoS filtering.
Where can I activate the service?
WAF is available directly in the Serverspace control panel under the CDN section. Activation takes just a few seconds and doesn’t require any additional software. Simply open the interface and click “Enable WAF”, and protection will start working automatically.
