AN ADVANCED HTTP FILTERING TOOL

Merlin WAF filters out malicious requests, providing an extra layer of security between your website and visitors.

Secure Content
Secure Content
Origin Protection
Origin Protection
High Performance
High Performance
Advanced Control
Advanced Control

PREDEFINED RULES

Use Managed Rules which are created by security experts to protect your site from OWASP Top 8 Vulnerabilities. With features like DDoS protection and SQL injection prevention, you can keep your servers safe from many attacks.

Java Attack JAVA Injection attacks occur when a malicious user tries to execute a java script on the server by including the script in the request. Get Started
LFI Attack Local File Inclusion attacks occur when a malicious user tries to access a local file that they should not have access to. Successful LFI attacks results in the server being compromised. Get Started
NodeJS Attack NodeJS injection attacks occur when a malicious user tries to execute a nodejs script on the server by including the script in the request. Get Started
PHP Attack PHP injection attacks occur when a malicious user tries to execute a php script on the server by including the script in the request. Get Started
RCE Attack Remote Code Execution attacks occur when a malicious user tries to execute code on the server. Get Started
RFI Attack Remote File Inclusion attacks occur when a malicious user tries to include a remote file into the server for the purpose of making the web application execute it. Successful RFI attacks results in the server being compromised. Get Started
SQLI Attack SQL injection attacks occur when a malicious user injects sql commands disguised as data to the web application. If the injected contents are included in the sql queries that the web application executes, the meaning of the query may change to execute malicious commands in the database. Get Started
XSS Attack Cross-Site Scripting attacks are a general type of injection where any kind of script can be use. Malicious scripts are injected into trusted sources/web browsers with the purpose of making them execute it. Get Started
WAF Security

Managing WAF Security Have Never Been Easier

You can create and customize any rule you need to secure your website on Merlin Panel. It is one of the most easy-to-use security software.

Merlin WAF Features

Incoming requests to your site may not always be benign as your potential customers. Types of request with malicious software may cause a lot of damage on your site including crashes. WAF on your CDN servers provides you to filter incoming requests to your site.

  • Custom Firewall Rules
  • Regex Rules
  • IP-Based Blocking
  • Location-based Blocking
  • User Agent Blocking
  • OWASP Top 8 Threats Protection
services

MERLIN WAF MAIN BENEFITS

icon
Increase the Quality of Your Services

Using Merlin WAF will increase the quality of your services and your websites with more security, without lowering the performance of your website.

icon
24/7 Support

Your problem is our priority! We have a team of experts standing by to help you with any question or concern. You can contact them 24/7 right from your computer.

icon
Unlimited Ticket Benefits

There are no limits for opening tickets and we will return in a couple of hours according to your support plan to help solving your problem.

icon
Custom Rules

You can set up custom rules to decide which requests may go through them and how they should be treated.

icon
Protect Your Origin Server

Since the traffic and requests are passed through the WAF, it works as a wall that protects your servers.

icon
Filter Your Traffic / Requests

WAF is the first defense mechanism between the website and visitors. The main aim of using WAF is to filter out malicious requests.

What is Merlin WAF?

Merlin WAF is an advanced HTTP filtering tool for web applications to protect their content and the origin servers. Merlin WAF is the first defense mechanism between your website and visitors. The main aim of using WAF is to filter out malicious requests. Since the traffic and requests are passed through the Merlin WAF, it works as a wall that protects your servers.

Merlin WAF can restrict the OWASP Top 10 cyber attacks which are:

  • Injection
  • Broken authentication
  • Sensitive data exposure
  • XML external entities (XXE)
  • Broken access control
  • Security misconfigurations
  • Cross site scripting (XSS)
  • Insecure deserialization
  • Using components with known vulnerabilities
  • Insufficient logging and monitoring

Merlin WAF is provided with the Merlin CDN. If you are already a Merlin CDN user, then you can use Merlin WAF. Don’t forget that only the 50TB+ plans include WAF. Hence you might need to upgrade your monthly plan.

If you are not a Merlin customer, register now and increase your website’s experience by accelerating and securing it.

You can register now and start using Merlin with $10 free credits.

If you just want to log the activities of your WAF Policy, instead of blocking or accepting requests directly, you can enable detection only mode. It logs the requests to be blocked or accepted but does not take action on them. It is useful for experimental cases.

Anyone who wants to keep their website safe and secure all the time can use Merlin WAF.
Start Protecting Your Website Today!
Merlin WAF is included to 50TB+ CDN Plans!