ScalewaySkip to loginSkip to main contentSkip to footer section
HomeWAF

WAF (Web Application Firewall)

Currently in Public Beta - API only

Scaleway’s WAF safeguards your web applications by proactively detecting and mitigating cyber threats, ensuring uninterrupted performance and data integrity.

Start with APIWAF Documentation

Comprehensive threat protection

Defend against OWASP Top 10 vulnerabilities, including SQL injections, XSS with intelligent filtering and adaptive security measures.

Advanced customization & automation

Benefit from multi-paranoia levels and automated rule updates, ensuring continuous protection against evolving threats without manual intervention.

Scalability & compliance

Maintain high performance even under heavy traffic while meeting industry security standards, reducing the risk of data breaches and service disruptions.

Technical specifications

  • check

    OWASP Top 10

    Based on OWASP Core Rule Set

  • check

    Multi-paranoia level

    From 1 (low) to 4 (high)

  • check

    Compatibility

    Scaleway Load Balancer as origin

  • check

    Ecosystem

    Feature of Edge Services

  • check

    API and Console

    API only during Public Beta. (Console coming soon)

Popular use cases

Filter web traffic based on URL and HTTP header rules to provide an additional layer of protection against web attacks

Web Application Firewalls help ecommerce platforms detect and block malicious traffic attempting credential stuffing or carding attacks, which can lead to financial loss and compromised customer data.

WAF helps ensure uninterrupted content delivery by blocking malicious traffic and protecting digital assets from theft or redistribution through advanced threat detection and access control rules.

Why choose Scaleway?

Support 24/7

Enjoy peace of mind with our 24/7 customer support. We ensure your infrastructure is always up and running.

Enriched experience

We offer a new experience with API access, Linux distributions, an intuitive console, and Terraform. Our customer is in the center of our business.

European sovereignty

Keep your customers’ data in Europe within our regions in Paris, Amsterdam & Warsaw. We guarantee true sovereignty from the infrastructure to the software level.

Security and compliance

Security requirements regarding the protection of data and cloud services, and data centers are essential. That’s why we never compromise on the security.

Get started with tutorials

Tutorials

Get to know more

Frequently asked questions

What is WAF?

Web Application Firewall is a feature available via Edge Services for Load Balancer origins only. When enabled, WAF filters requests to your Load Balancer origin to determine whether they are potentially malicious. You can choose the paranoia level to be used when evaluating requests, and set exclusions to define traffic that shouldn't be filtered by WAF. Requests that are judged to be malicious are blocked or logged, depending on the settings you choose.

I don't have a Load Balancer, how can I use WAF with a different type of Scaleway resource?

For now, this isn't possible: you must put such resources behind a Load Balancer in order to benefit from WAF. Watch this space for other solutions in the future.

Can I use WAF and caching simultaneously?

Yes, you can have both of these features enabled at the same time on the same Load Balancer pipeline. WAF protects your Load Balancer origin only: it does not filter requests served by the cache.

What ruleset is used by WAF? Is it updated automatically?

Scaleway Edge Services WAF uses the OWASP Core Rule Set (CRS). This is an industry standard, open source ruleset for WAF, which protects against multiple categories of attack such as SQL injection and cross-site scripting. Full details are available in the OWASP CRS documentation.

We handle the regular updating of rules, removing this hassle from you the user.