Merlin WAF filters out malicious requests, providing an extra layer of security between your website and visitors.AN ADVANCED HTTP FILTERING TOOL
Secure Content
Origin Protection
High Performance
Advanced Control
What is Merlin WAF?
Merlin WAF is an advanced HTTP filtering tool for web applications to protect their content and the origin servers. Merlin WAF is the first defense mechanism between your website and visitors. The main aim of using WAF is to filter out malicious requests. Since the traffic and requests are passed through the Merlin WAF, it works as a wall that protects your servers.
MERLIN WAF MAIN BENEFITS

Increase the Quality of Your Services
Using Merlin WAF will increase the quality of your services and your websites with more security, without lowering the performance of your website.

24/7 Support
Your problem is our priority! We have a team of experts standing by to help you with any question or concern. You can contact them 24/7 right from your computer.

Unlimited Ticket Benefits
There are no limits for opening tickets and we will return in a couple of hours according to your support plan to help solving your problem.

Custom Rules
You can set up custom rules to decide which requests may go through them and how they should be treated.

Protect Your Origin Server
Since the traffic and requests are passed through the WAF, it works as a wall that protects your servers.

Filter Your Traffic / Requests
WAF is the first defense mechanism between the website and visitors. The main aim of using WAF is to filter out malicious requests.
Merlin WAF Features
Incoming requests to your site may not always be benign as your potential customers. Types of request with malicious software may cause a lot of damage on your site including crashes. WAF on your CDN servers provides you to filter incoming requests to your site.

PREDEFINED RULES
Use Managed Rules which are created by security experts to protect your site from OWASP Top 8 Vulnerabilities. With features like DDoS protection and SQL injection prevention, you can keep your servers safe from many attacks.
Java Attack | JAVA Injection attacks occur when a malicious user tries to execute a java script on the server by including the script in the request. | Technical |
LFI Attack | Local File Inclusion attacks occur when a malicious user tries to access a local file that they should not have access to. Successful LFI attacks results in the server being compromised. | Technical |
NodeJS Attack | NodeJS injection attacks occur when a malicious user tries to execute a nodejs script on the server by including the script in the request. | Technical |
PHP Attack | PHP injection attacks occur when a malicious user tries to execute a php script on the server by including the script in the request. | Technical |
RCE Attack | Remote Code Execution attacks occur when a malicious user tries to execute code on the server. | Technical |
RFI Attack | Remote File Inclusion attacks occur when a malicious user tries to include a remote file into the server for the purpose of making the web application execute it. Successful RFI attacks results in the server being compromised. | Technical |
SQLI Attack | SQL injection attacks occur when a malicious user injects sql commands disguised as data to the web application. If the injected contents are included in the sql queries that the web application executes, the meaning of the query may change to execute malicious commands in the database. | Technical |
XSS Attack | Cross-Site Scripting attacks are a general type of injection where any kind of script can be use. Malicious scripts are injected into trusted sources/web browsers with the purpose of making them execute it. | Technical |
Frequently Asked Questions
Merlin WAF can restrict the OWASP Top 10 cyber attacks which are:
- Injection
- Broken authentication
- Sensitive data exposure
- XML external entities (XXE)
- Broken access control
- Security misconfigurations
- Cross site scripting (XSS)
- Insecure deserialization
- Using components with known vulnerabilitiess
- Insufficient logging and monitoring
If you are not a Merlin customer, register now and increase your website’s experience by accelerating and securing it.
You can register now and start using Merlin with $10 free credits.