medianova.comSupportLog in

How to Activate WAF

Learn how to activate and configure the Web Application Firewall (WAF) for your CDN Resources in the Medianova Control Panel.

WAF (Web Application Firewall) enhances your website’s security by inspecting and filtering incoming HTTP/HTTPS traffic. You can enable it for any Dynamic CDN Resource, select the protection mode, and create Custom Rules to detect and block malicious requests.

WAF is available only for Dynamic CDN Resources. Ensure your resource is active before proceeding.

1

Access the WAF

To begin configuration, log in to the Medianova Control Panel and navigate to the WAF settings.

  • Go to Security → WAF in the left-hand menu.

  • Select the Dynamic CDN Resource where you want to activate WAF.

  • The WAF configuration page will open.

If you haven’t created a Dynamic CDN Resource yet, go to CDN → Create CDN Resource first, then return to this section.

2

Choose WAF Mode

Select how the firewall will operate for your CDN Resource.

  • Monitoring Only: Logs all requests but does not block them. Recommended for initial setup and rule tuning.

  • On: Fully active mode that filters and blocks malicious traffic in real time.

After selecting a mode, click Save to apply the change.

Start with Monitoring Only mode to observe your application’s normal request patterns before enabling full protection.

3

Create Your First Rule

After activation, you can define custom rules to control how WAF handles requests. For example, you can block requests from specific IP ranges or allow trusted user agents.

To create or manage rules, go to Managing Rules & Actions.

Rule configuration is optional at activation. WAF includes predefined Managed Rules that are enabled by default.

4

Verify WAF Activation

Once WAF is enabled, the Status indicator on your resource page will show “Active.” Incoming requests are now analyzed by the firewall and logged in real time.

You can monitor activity in the Analytics → WAF Dashboard section.

WAF logs and metrics may take up to a few minutes to appear after initial activation.

Best Practices

  • Always start with Monitoring Only mode for new configurations.

  • Combine Managed Rules and Custom Rules for optimal coverage.

  • Review your WAF Analytics regularly to track threats and rule behavior.

  • Avoid creating overly broad rules to minimize false positives.

PreviousWeb Application Firewall (WAF)NextManage Rules & Actions

Last updated

Was this helpful?