Comprehensive threat protection
Defend against OWASP Top 10 vulnerabilities, including SQL injections, XSS with intelligent filtering and adaptive security measures.
Currently in Public Beta - API only
Scaleway’s WAF safeguards your web applications by proactively detecting and mitigating cyber threats, ensuring uninterrupted performance and data integrity.
Defend against OWASP Top 10 vulnerabilities, including SQL injections, XSS with intelligent filtering and adaptive security measures.
Benefit from multi-paranoia levels and automated rule updates, ensuring continuous protection against evolving threats without manual intervention.
Maintain high performance even under heavy traffic while meeting industry security standards, reducing the risk of data breaches and service disruptions.
OWASP Top 10
Based on OWASP Core Rule Set
Multi-paranoia level
From 1 (low) to 4 (high)
Compatibility
Scaleway Load Balancer as origin
Ecosystem
Feature of Edge Services
API and Console
API only during Public Beta. (Console coming soon)
Filter web traffic based on URL and HTTP header rules to provide an additional layer of protection against web attacks
Web Application Firewalls help ecommerce platforms detect and block malicious traffic attempting credential stuffing or carding attacks, which can lead to financial loss and compromised customer data.
WAF helps ensure uninterrupted content delivery by blocking malicious traffic and protecting digital assets from theft or redistribution through advanced threat detection and access control rules.
Enjoy peace of mind with our 24/7 customer support. We ensure your infrastructure is always up and running.
We offer a new experience with API access, Linux distributions, an intuitive console, and Terraform. Our customer is in the center of our business.
Keep your customers’ data in Europe within our regions in Paris, Amsterdam & Warsaw. We guarantee true sovereignty from the infrastructure to the software level.
Security requirements regarding the protection of data and cloud services, and data centers are essential. That’s why we never compromise on the security.
Anticipating Cyberthreats: The Winning Duo of WAF and Caching
In 2024, Europe saw an explosion in cyberattacks targeting web applications and information systems. According to ENISA, the most frequent attacks...
The fundamentals of anti-DDoS protection
Distributed Denial-of-Service (DDoS) attacks are attempts to disrupt the activity of a service, server, or network by continuously flooding it with requests. The origin of these requests...
Web Application Firewall is a feature available via Edge Services for Load Balancer origins only. When enabled, WAF filters requests to your Load Balancer origin to determine whether they are potentially malicious. You can choose the paranoia level to be used when evaluating requests, and set exclusions to define traffic that shouldn't be filtered by WAF. Requests that are judged to be malicious are blocked or logged, depending on the settings you choose.
For now, this isn't possible: you must put such resources behind a Load Balancer in order to benefit from WAF. Watch this space for other solutions in the future.
Yes, you can have both of these features enabled at the same time on the same Load Balancer pipeline. WAF protects your Load Balancer origin only: it does not filter requests served by the cache.
Scaleway Edge Services WAF uses the OWASP Core Rule Set (CRS). This is an industry standard, open source ruleset for WAF, which protects against multiple categories of attack such as SQL injection and cross-site scripting. Full details are available in the OWASP CRS documentation.
We handle the regular updating of rules, removing this hassle from you the user.