AN ADVANCED HTTP FILTERING TOOL

Merlin WAF filters out malicious requests, providing an extra layer of security between your website and visitors.

cyber secure website content
Secure Content
origin cyber protection with waf
Origin Protection
high performance with waf
High Performance
advanced control on the web application firewall
Advanced Control

What is Merlin WAF?

Merlin WAF is an advanced HTTP filtering tool for web applications to protect their content and the origin servers. Merlin WAF is the first defense mechanism between your website and visitors. The main aim of using WAF is to filter out malicious requests. Since the traffic and requests are passed through the Merlin WAF, it works as a wall that protects your servers.

MERLIN WAF MAIN BENEFITS

Increase the Quality of Your Services
Increase the Quality of Your Services

Using Merlin WAF will increase the quality of your services and your websites with more security, without lowering the performance of your website.

24/7 WAF Support Team
24/7 Support

Your problem is our priority! We have a team of experts standing by to help you with any question or concern. You can contact them 24/7 right from your computer.

Unlimited Ticket Requests
Unlimited Ticket Benefits

There are no limits for opening tickets and we will return in a couple of hours according to your support plan to help solving your problem.

Custom Rules on Your WAF Service
Custom Rules

You can set up custom rules to decide which requests may go through them and how they should be treated.

icon
Protect Your Origin Server

Since the traffic and requests are passed through the WAF, it works as a wall that protects your servers.

Filter yourwebsite traffic by waf
Filter Your Traffic / Requests

WAF is the first defense mechanism between the website and visitors. The main aim of using WAF is to filter out malicious requests.

Merlin WAF Features

Incoming requests to your site may not always be benign as your potential customers. Types of request with malicious software may cause a lot of damage on your site including crashes. WAF on your CDN servers provides you to filter incoming requests to your site.

  • Custom Firewall Rules
  • Regex Rules
  • IP-Based Blocking
  • Location-based Blocking
  • User Agent Blocking
  • OWASP Top 8 Threats Protection
Merlin WAF Features
WAF Security

Managing WAF Security Have Never Been Easier

You can create and customize any rule you need to secure your website on Merlin Panel. It is one of the most easy-to-use security software.

PREDEFINED RULES

Use Managed Rules which are created by security experts to protect your site from OWASP Top 8 Vulnerabilities. With features like DDoS protection and SQL injection prevention, you can keep your servers safe from many attacks.

Java Attack JAVA Injection attacks occur when a malicious user tries to execute a java script on the server by including the script in the request. Technical
LFI Attack Local File Inclusion attacks occur when a malicious user tries to access a local file that they should not have access to. Successful LFI attacks results in the server being compromised. Technical
NodeJS Attack NodeJS injection attacks occur when a malicious user tries to execute a nodejs script on the server by including the script in the request. Technical
PHP Attack PHP injection attacks occur when a malicious user tries to execute a php script on the server by including the script in the request. Technical
RCE Attack Remote Code Execution attacks occur when a malicious user tries to execute code on the server. Technical
RFI Attack Remote File Inclusion attacks occur when a malicious user tries to include a remote file into the server for the purpose of making the web application execute it. Successful RFI attacks results in the server being compromised. Technical
SQLI Attack SQL injection attacks occur when a malicious user injects sql commands disguised as data to the web application. If the injected contents are included in the sql queries that the web application executes, the meaning of the query may change to execute malicious commands in the database. Technical
XSS Attack Cross-Site Scripting attacks are a general type of injection where any kind of script can be use. Malicious scripts are injected into trusted sources/web browsers with the purpose of making them execute it. Technical

Frequently Asked Questions

Merlin WAF can restrict the OWASP Top 10 cyber attacks which are:

  • Injection
  • Broken authentication
  • Sensitive data exposure
  • XML external entities (XXE)
  • Broken access control
  • Security misconfigurations
  • Cross site scripting (XSS)
  • Insecure deserialization
  • Using components with known vulnerabilitiess
  • Insufficient logging and monitoring

Merlin WAF is provided with the Merlin CDN. If you are already a Merlin CDN user, then you can use Merlin WAF. Don’t forget that only the 50TB+ plans include WAF. Hence you might need to upgrade your monthly plan.

If you are not a Merlin customer, register now and increase your website’s experience by accelerating and securing it.

You can register now and start using Merlin with $10 free credits.

If you just want to log the activities of your WAF Policy, instead of blocking or accepting requests directly, you can enable detection only mode. It logs the requests to be blocked or accepted but does not take action on them. It is useful for experimental cases.

Anyone who wants to keep their website safe and secure all the time can use Merlin WAF.
Start Protecting Your Website Today!
Merlin WAF is included to 50TB+ CDN Plans!