# How to Activate WAF

**WAF (Web Application Firewall)** enhances your website’s security by inspecting and filtering incoming HTTP/HTTPS traffic.\
You can enable it for any **Dynamic CDN Resource**, select the protection mode, and create **Custom Rules** to detect and block malicious requests.

{% hint style="info" %}
WAF is available only for **Dynamic CDN Resources**. Ensure your resource is active before proceeding.
{% endhint %}

{% stepper %}
{% step %}
**Access the WAF**

To begin configuration, log in to the [**Medianova Control Panel**](https://cloud.medianova.com) and navigate to the WAF settings.

* Go to **Security → WAF** in the left-hand menu.
* Select the Dynamic CDN Resource where you want to activate WAF.
* The WAF configuration page will open.

<figure><img src="/files/JxRexxU2swAn6ykIBRro" alt="" width="563"><figcaption></figcaption></figure>

{% hint style="info" %}
If you haven’t created a Dynamic CDN Resource yet, go to **CDN → Create CDN Resource** first, then return to this section.
{% endhint %}
{% endstep %}

{% step %}
**Choose WAF Mode**

Select how the firewall will operate for your CDN Resource.

* **Monitoring Only:** Logs all requests but does not block them. Recommended for initial setup and rule tuning.
* **On:** Fully active mode that filters and blocks malicious traffic in real time.

After selecting a mode, click **Save** to apply the change.

<figure><img src="/files/UwLW9RNuZNoBydsWqVpD" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
Start with **Monitoring Only** mode to observe your application’s normal request patterns before enabling full protection.
{% endhint %}
{% endstep %}

{% step %}
**Create Your First Rule**

After activation, you can define custom rules to control how WAF handles requests.\
For example, you can block requests from specific IP ranges or allow trusted user agents.

To create or manage rules, go to [Managing Rules & Actions](/products/security/web-application-firewall-waf/manage-rules-and-actions.md).

{% hint style="info" %}
Rule configuration is optional at activation. WAF includes predefined Managed Rules that are enabled by default.
{% endhint %}
{% endstep %}

{% step %}
**Verify WAF Activation**

Once WAF is enabled, the **Status** indicator on your resource page will show “Active.”\
Incoming requests are now analyzed by the firewall and logged in real time.

You can monitor activity in the **Analytics → WAF Dashboard** section.

{% hint style="info" %}
WAF logs and metrics may take up to a few minutes to appear after initial activation.
{% endhint %}
{% endstep %}
{% endstepper %}

#### Best Practices

* Always start with **Monitoring Only** mode for new configurations.
* Combine **Managed Rules** and **Custom Rules** for optimal coverage.
* Review your WAF Analytics regularly to track threats and rule behavior.
* Avoid creating overly broad rules to minimize false positives.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://clients.medianova.com/products/security/web-application-firewall-waf/how-to-activate-waf.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.